2 matches found
CVE-2012-2562
The CVE-2012-2562 entry concerns Xelex MobileTrack for Android (≤ 2.3.7). The issue is lack of verification of SMS command origin, allowing an unauthenticated remote attacker to issue commands (LOCATE, TRACK, UPDATECFG, UPDATEACCT, STAT, TERM, WIPE) via SMS. Consequences cited include possible un...
CVE-2012-2567
The CVE-2012-2567 entry refers to Xelex MobileTrack for Android (2.3.7 and earlier) that uses hardcoded credentials and transmits data over an insecure FTP/HTTP session, exposing potentially sensitive user data. Root cause: information exposure due to non-secure authentication/storage configurati...