Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
SinoTrack GPS Receiver Weak Authentication
Vulnerability Description
A username and password are required to authenticate to the central SinoTrack device management interface. The username for all devices is an identifier printed on the receiver. The default password is well-known and common to all devices. Modification of the default password is not enforced during device setup. A malicious actor can retrieve device identifiers with either physical access or by capturing identifiers from pictures of the devices posted on publicly accessible websites such as eBay.
CVSS Information
CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:L
Vulnerability Type
CWE-1390
Vulnerability Title
SinoTrack IOT PC Platform 安全漏洞
Vulnerability Description
SinoTrack IOT PC Platform是中国SinoTrack公司的一款定位系统。 SinoTrack IOT PC Platform存在安全漏洞,该漏洞源于默认密码未强制修改,可能导致恶意行为者获取设备标识符。
CVSS Information
N/A
Vulnerability Type
N/A