CVE-2016-6544

CVE-2016-6544: iTrack Easy's getgps data can be modified without authentication

Weakness CWE-306 · Missing auth
Published July 13, 2018
Last update August 6, 2024

CVSS base score

What the vulnerability does

01Description

getgps data in iTrack Easy can be modified without authentication by setting the data using the parametercmd:setothergps. This vulnerability can be exploited to alter the GPS data of a lost device.

Key dates

02Disclosure timeline

July 13, 2018 CVE published
August 6, 2024 Record updated