Vulnerabilities > CVE-2020-17483 - Unspecified vulnerability in Uffizio GPS Tracker

CVSS 7.5 - HIGH

Attack vector

NETWORK

Attack complexity

LOW

Privileges required

NONE

Confidentiality impact

HIGH

Integrity impact

NONE

Availability impact

NONE

network

low complexity

uffizio

NVD

Published: 2023-12-16

Updated: 2023-12-20

Summary

An improper access control vulnerability exists in Uffizio's GPS Tracker all versions that lead to sensitive information disclosure of all the connected devices. By visiting the vulnerable host at port 9000, we see it responds with a JSON body that has all the details about the devices which have been deployed.

Vulnerable Configurations

Part	Description	Count
Application	Uffizio Uffizio GPS Tracker *	1

References

https://www.uffizio.com/
https://www.cisa.gov/news-events/ics-advisories/icsa-21-287-02