Security News > 2024 > August > Critical Flaws in Traccar GPS System Expose Users to Remote Attacks
2024-08-26 07:45
Two security vulnerabilities have been disclosed in the open-source Traccar GPS tracking system that could be potentially exploited by unauthenticated attackers to achieve remote code execution under certain circumstances. Both the vulnerabilities are path traversal flaws and could be weaponized if guest registration is enabled, which is the default configuration for Traccar 5, Horizon3.ai
News URL
https://thehackernews.com/2024/08/critical-flaws-in-traccar-gps-system.html
Related news
- Critical WordPress Anti-Spam Plugin Flaws Expose 200,000+ Sites to Remote Attacks (source)
- CISA warns of critical Palo Alto Networks bug exploited in attacks (source)
- Critical Veeam RCE bug now used in Frag ransomware attacks (source)
- OvrC Platform Vulnerabilities Expose IoT Devices to Remote Attacks and Code Execution (source)
- Critical bug in EoL D-Link NAS devices now exploited in attacks (source)
- Palo Alto Networks warns of critical RCE zero-day exploited in attacks (source)
- Critical RCE bug in VMware vCenter Server now exploited in attacks (source)
- CISA Urges Agencies to Patch Critical "Array Networks" Flaw Amid Active Attacks (source)
- Cleo patches critical zero-day exploited in data theft attacks (source)
- New IOCONTROL malware used in critical infrastructure attacks (source)