CVE-2022-2107

The MiCODUS MV720 GPS tracker API server has an authentication mechanism that allows devices to use a hard-coded master password. This may allow an attacker to send SMS commands directly to the GPS tracker as if they were coming from the GPS owner’s mobile number.
References
Link Resource
https://www.cisa.gov/uscert/ics/advisories/icsa-22-200-01 Third Party Advisory US Government Resource
Configurations

Configuration 1


Information

Published : 2022-07-20 04:15

Updated : 2022-07-27 09:46


NVD link : CVE-2022-2107

Mitre link : CVE-2022-2107

Products Affected
No products.
CWE