Vulnerabilities > Thetrackr > High
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2020-05-23 | CVE-2020-13425 | Missing Authorization vulnerability in Thetrackr Trackr Firmware 2.2.5/20200506/5.1.6 TrackR devices through 2020-05-06 allow attackers to trigger the Beep (aka alarm) feature, which will eventually cause a denial of service when battery capacity is exhausted. | 7.1 |
| 2018-07-06 | CVE-2016-6541 | Improper Authentication vulnerability in Thetrackr Trackr Bravo Firmware TrackR Bravo device allows unauthenticated pairing, which enables unauthenticated connected applications to write to various device attributes. | 8.8 |
| 2018-07-06 | CVE-2016-6538 | Information Exposure vulnerability in Thetrackr Trackr Bravo Firmware The TrackR Bravo mobile app stores the account password used to authenticate to the cloud API in cleartext in the cache.db file. | 8.8 |