TrackR devices through 2020-05-06 allow attackers to trigger the Beep (aka alarm) feature, which will eventually cause a denial of service when battery capacity is exhausted.
oryginał ENCVSS Vector
CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:HThetrackr Trackr
HWThetrackrwszystkie wersjeThetrackr Trackr Firmware
OSThetrackr≤ 2020-05-06
🔵
ZWERYFIKUJ U PRODUCENTA
Brak jednoznacznych danych o patchu. Sprawdź referencje od producenta.
Tagi
DoS
CWE
Powiązane podatności
CVE-2016-6539LOW3.5ten sam produkt
The Trackr device ID is constructed of a manufacturer identifier of four zeroes followed by the BLE MAC addres...
CVE-2016-6538HIGH8.8ten sam vendor
The TrackR Bravo mobile app stores the account password used to authenticate to the cloud API in cleartext in ...
CVE-2016-6541HIGH8.8ten sam vendor
TrackR Bravo device allows unauthenticated pairing, which enables unauthenticated connected applications to wr...
CVE-2016-6540MEDIUM6.5ten sam vendor
Unauthenticated access to the cloud-based service maintained by TrackR Bravo is allowed for querying or sendin...