CVE-2017-5239

Summary

Due to a lack of standard encryption when transmitting sensitive information over the internet to a centralized monitoring service, the Eview EV-07S GPS Tracker discloses personally identifying information, such as GPS data and IMEI numbers, to any man-in-the-middle (MitM) listener.

Affected Software

VendorProductVersion RangeStatus
EviewEV-07S GPS TrackerAllaffected

Weaknesses

  • Sensitive information transmitted in cleartext

ADP Enrichment

CVE Program Container

Additional References

References