Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
ICSA-22-200-01 MiCODUS MV720 GPS tracker Authorization Bypass Through User-Controlled Key
Vulnerability Description
The main MiCODUS MV720 GPS tracker web server has an authenticated insecure direct object reference vulnerability on endpoint and parameter device IDs, which accept arbitrary device IDs without further verification.
CVSS Information
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:L/A:N
Vulnerability Type
通过用户控制密钥绕过授权机制
Vulnerability Title
MiCODUS MV720 GPS 安全漏洞
Vulnerability Description
MiCODUS MV720 GPS是美国MiCODUS公司的一款GPS追踪器。 MiCODUS MV720 GPS 存在安全漏洞,该漏洞源于主 Web 服务器在端点和参数设备 ID 上存在经过身份验证的不安全直接对象引用漏洞,该漏洞无需进一步验证即可接受任意设备 ID。
CVSS Information
N/A
Vulnerability Type
N/A