Описание
Due to a lack of standard encryption when transmitting sensitive information over the internet to a centralized monitoring service, the Eview EV-07S GPS Tracker discloses personally identifying information, such as GPS data and IMEI numbers, to any man-in-the-middle (MitM) listener.
Ссылки
- Third Party AdvisoryVDB Entry
- Third Party AdvisoryVDB Entry
Уязвимые конфигурации
Конфигурация 1
Одновременно
cpe:2.3:o:eviewgps:ev-07s_gps_tracker_firmware:-:*:*:*:*:*:*:*
cpe:2.3:h:eviewgps:ev-07s_gps_tracker:-:*:*:*:*:*:*:*
EPSS
Процентиль: 19%
0.00061
Низкий
7.5 High
CVSS3
5 Medium
CVSS2
Дефекты
CWE-326
Связанные уязвимости
CVSS3: 7.5
github
больше 3 лет назад
Due to a lack of standard encryption when transmitting sensitive information over the internet to a centralized monitoring service, the Eview EV-07S GPS Tracker discloses personally identifying information, such as GPS data and IMEI numbers, to any man-in-the-middle (MitM) listener.
EPSS
Процентиль: 19%
0.00061
Низкий
7.5 High
CVSS3
5 Medium
CVSS2
Дефекты
CWE-326