CVE-2016-6544

Summary

getgps data in iTrack Easy can be modified without authentication by setting the data using the parametercmd:setothergps. This vulnerability can be exploited to alter the GPS data of a lost device.

Affected Software

VendorProductVersion RangeStatus
iTrackEasyN/Aunknown

Weaknesses

  • CWE-306: CWE-306: Missing Authentication for Critical Function

ADP Enrichment

CVE Program Container

Additional References

References