Lucene search
K
Catalog
Vendors
Products
Timeline
Vulnerabilities
Sources
Documentation
Blog
Glossary
FAQ
Brand assets
Assessment
Agents dashboard
Agent Scanning
API Scanning
Assessment API
Alerts
Email notifications
Webhook notifications
Alerts API
SBOM package analysis
API Reference
Support
Settings
Sign in
🔥 Daily Hot!
💪🏽 CPE Enhanced Advisories
🕶 Shadow Exploits
🕵🏼 Vulners CPE
🔐 Security news
💻 Exploit updates
📑 Blogs review
🐧 Linux vulnerabilities
🐞 Bugbounty
🤖 AI High Score
📰 CVE Feed
show all

6 matches found

Cvelist
Cvelistadded 2025/06/12 8:5 p.m.11 views

CVE-2025-5485 SinoTrack GPS Receiver Weak Authentication

User names used to access the web management interface are limited to the device identifier, which is a numerical identifier no more than 10 digits. A malicious actor can enumerate potential targets by incrementing or decrementing from known identifiers or through enumerating random digit sequenc...

8.8CVSS0.004EPSS
Exploits0References2
Vulnrichment
Vulnrichmentadded 2025/06/12 8:5 p.m.6 views

CVE-2025-5485 SinoTrack GPS Receiver Weak Authentication

User names used to access the web management interface are limited to the device identifier, which is a numerical identifier no more than 10 digits. A malicious actor can enumerate potential targets by incrementing or decrementing from known identifiers or through enumerating random digit sequenc...

8.8CVSS8.6AI score0.004EPSS
Exploits0References2
Vulnrichment
Vulnrichmentadded 2025/06/12 8:3 p.m.4 views

CVE-2025-5484 SinoTrack GPS Receiver Weak Authentication

A username and password are required to authenticate to the central SinoTrack device management interface. The username for all devices is an identifier printed on the receiver. The default password is well-known and common to all devices. Modification of the default password is not enforced duri...

8.3CVSS8.4AI score0.00229EPSS
Exploits0References2
Cvelist
Cvelistadded 2025/06/12 8:3 p.m.14 views

CVE-2025-5484 SinoTrack GPS Receiver Weak Authentication

A username and password are required to authenticate to the central SinoTrack device management interface. The username for all devices is an identifier printed on the receiver. The default password is well-known and common to all devices. Modification of the default password is not enforced duri...

8.3CVSS0.00229EPSS
Exploits0References2
HackRead
HackReadadded 2025/06/11 9:10 p.m.11 views

CISA Warns of Remote Control Flaws in SinoTrack GPS Trackers

The US CISA reports critical vulnerabilities in SinoTrack GPS devices that could let attackers remotely control vehicles and track locations. Discover the vulnerabilities and essential steps to secure your device...

7.5AI score
Exploits0
The Hacker News
The Hacker Newsadded 2025/06/11 10:28 a.m.22 views

SinoTrack GPS Devices Vulnerable to Remote Vehicle Control via Default Passwords

Two security vulnerabilities have been disclosed in SinoTrack GPS devices that could be exploited to control certain remote functions on connected vehicles and even track their locations. "Successful exploitation of these vulnerabilities could allow an attacker to access device profiles without...

7.9AI score0.004EPSS
Exploits0
Rows per page
Query Builder