CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

A Remote Code Execution vulnerability exist in Uffizio's GPS Tracker all versions. The web server can be compromised by uploading and executing a web/reverse shell. An attacker could then run commands, browse system files, and browse local resources...

9.8CVSS7.4AI score0.00313EPSS

Exploits0

RedhatCVE•added 2025/05/22 3:16 p.m.•4 views

CVE-2020-17483

An improper access control vulnerability exists in Uffizio's GPS Tracker all versions that lead to sensitive information disclosure of all the connected devices. By visiting the vulnerable host at port 9000, we see it responds with a JSON body that has all the details about the devices which have...

7.5CVSS6.5AI score0.00199EPSS

Exploits0

NVD•added 2023/12/16 1:15 a.m.•9 views

CVE-2020-17484

An Open Redirection vulnerability exists in Uffizio's GPS Tracker all versions allows an attacker to construct a URL within the application that causes a redirection to an arbitrary external domain...

6.1CVSS0.00096EPSS

Exploits0References2

Prion•added 2023/12/16 1:15 a.m.•24 views

Improper access control

5CVSS6.7AI score0.00199EPSS

Exploits0References2

Prion•added 2023/12/16 1:15 a.m.•11 views

Open redirect

5.8CVSS7.1AI score0.00096EPSS

Exploits0References2

CVE•added 2023/12/16 12:0 a.m.•33 views

CVE-2020-17485

CVE-2020-17485 affects Uffizio’s GPS Tracker (all versions) and describes a Remote Code Execution via the web server by uploading and executing a web/reverse shell. The vulnerability path allows an attacker to upload a dangerous file and then run commands, browse system files, and access local re...

9.8CVSS9.3AI score0.00313EPSS

Exploits0References2Affected Software1

Positive Technologies•added 2023/12/16 12:0 a.m.•1 views

PT-2023-11481 · Uffizio · Uffizio'S Gps Tracker

Name of the Vulnerable Software and Affected Versions: Uffizio's GPS Tracker all versions Description: An improper access control issue exists, leading to sensitive information disclosure of connected devices. Visiting the vulnerable host at port 9000 returns a JSON body with details about deploy...

7.5CVSS7.3AI score0.00199EPSS

Exploits0References6

Cvelist•added 2023/12/16 12:0 a.m.•11 views

CVE-2020-17485

9.4AI score0.00313EPSS

Exploits0References2

Cvelist•added 2023/12/16 12:0 a.m.•12 views

CVE-2020-17484

6.2AI score0.00096EPSS

Exploits0References2

Cvelist•added 2023/12/16 12:0 a.m.•12 views

CVE-2020-17483

7.4AI score0.00199EPSS

Exploits0References2

CVE•added 2023/12/16 12:0 a.m.•29 views

CVE-2020-17484

CVE-2020-17484 : Uffizio’s GPS Tracker (all versions) has an Open Redirect vulnerability. An attacker can craft a URL within the application to redirect victims to an arbitrary external domain due to insufficient input/URL validation. Impact is described as redirecting to an external site; exploi...

6.1CVSS6.2AI score0.00096EPSS

Exploits0References2Affected Software1

CVE•added 2023/12/16 12:0 a.m.•31 views

CVE-2020-17483

Summary: CVE-2020-17483 affects Uffizio's GPS Tracker (all versions) due to an improper access control (CWE-284) that allows disclosure of sensitive information for all connected devices. Access via port 9000 returns a JSON payload detailing deployed devices, implying potential exposure over the ...

7.5CVSS7.3AI score0.00199EPSS

Exploits0References2Affected Software1

NVD•added 2022/04/22 3:15 p.m.•10 views

CVE-2021-32929

All versions of Uffizio GPS Tracker may allow an attacker to perform unintended actions on behalf of a user...

8.8CVSS0.00088EPSS

Exploits0References1

NVD•added 2022/04/22 3:15 p.m.•14 views

CVE-2021-32927

An attacker may be able to inject client-side JavaScript code on multiple instances within all versions of Uffizio GPS Tracker...

7.1CVSS0.00181EPSS

Exploits0References1