Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
CalAmp LMU 3030 series OBD-II CDMA and GSM devices has an SMS (text message) interface that can be deployed where no password is configured for this interface by the integrator / reseller
Vulnerability Description
CalAmp LMU 3030 series OBD-II CDMA and GSM devices has an SMS (text message) interface that can be deployed where no password is configured for this interface by the integrator / reseller. This interface must be password protected, otherwise, the attacker only needs to know the phone number of the device (via an IMSI Catcher, for example) to send administrative commands to the device. These commands can be used to provide ongoing, real-time access to the device and can configure parameters such as IP addresses, firewall rules, and passwords.
CVSS Information
N/A
Vulnerability Type
关键功能的认证机制缺失
Vulnerability Title
CalAmp LMU-3030 安全漏洞
Vulnerability Description
CalAmp LMU-3030是美国CalAmp公司的一款GPS跟踪设备。 CalAmp LMU-3030 OBD-II版本、CDMA版本和GSM版本中存在身份验证绕过漏洞。远程攻击者可利用该漏洞获取设备的访问权限并配置参数(IP地址,防火墙规则和密码)。
CVSS Information
N/A
Vulnerability Type
N/A