Vulnerabilities > Traccar
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2024-08-13 | CVE-2024-7746 | Improper Authentication vulnerability in Traccar Use of Default Credentials vulnerability in Tananaev Solutions Traccar Server on Administrator Panel modules allows Authentication Abuse.This issue affects the privileged transactions implemented by the Traccar solution that should otherwise be protected by the authentication mechanism. These transactions could have an impact on any sensitive aspect of the platform, including Confidentiality, Integrity and Availability. | 9.8 |
| 2024-01-15 | CVE-2023-50729 | Unrestricted Upload of File with Dangerous Type vulnerability in Traccar Traccar is an open source GPS tracking system. | 9.8 |
| 2021-02-02 | CVE-2021-21292 | Unquoted Search Path or Element vulnerability in Traccar Traccar is an open source GPS tracking system. | 1.9 |
| 2020-07-14 | CVE-2020-5246 | Injection vulnerability in Traccar Traccar GPS Tracking System before version 4.9 has a LDAP injection vulnerability. | 4.0 |
| 2019-01-09 | CVE-2019-5748 | XXE vulnerability in Traccar Server 4.2 In Traccar Server version 4.2, protocol/SpotProtocolDecoder.java might allow XXE attacks. | 7.5 |
| 2018-12-20 | CVE-2018-1000881 | Code Injection vulnerability in Traccar Server Traccar Traccar Server version 4.0 and earlier contains a CWE-94: Improper Control of Generation of Code ('Code Injection') vulnerability in ComputedAttributesHandler.java that can result in Remote Command Execution. | 7.5 |