Vulnerabilities > Ieasytec

DATE	CVE	VULNERABILITY TITLE	RISK
2018-07-13	CVE-2016-6545	Session Fixation vulnerability in Ieasytec Itrackeasy Session cookies are not used for maintaining valid sessions in iTrack Easy. network low complexity ieasytec CWE-384 critical	9.8
2018-07-13	CVE-2016-6544	Improper Authentication vulnerability in Ieasytec Itrack Easy getgps data in iTrack Easy can be modified without authentication by setting the data using the parametercmd:setothergps. network low complexity ieasytec CWE-287	7.5
2018-07-13	CVE-2016-6543	Improper Access Control vulnerability in Ieasytec Itrack Easy A captured MAC/device ID of an iTrack Easy can be registered under multiple user accounts allowing access to getgps GPS data, which can allow unauthenticated parties to track the device. network high complexity ieasytec CWE-284	5.9
2018-07-13	CVE-2016-6542	Improper Input Validation vulnerability in Ieasytec Itrackeasy The iTrack device tracking ID number, also called "LosserID" in the web API, can be obtained by being in the range of an iTrack device. network high complexity ieasytec CWE-20	3.7

Vulnerabilities > Ieasytec {"@context":"https://schema.org","@type":"BreadcrumbList","itemListElement":[{"@type":"ListItem","position":1,"name":"Vulnerabilities","item":"https://cyber.vumetric.com/vulns/"},{"@type":"ListItem","position":2,"name":"Ieasytec"}]}