Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
Setracker2 Children's Smartwatch Ecosystem Use of password hash instead of password for authentication
Vulnerability Description
Setracker2 Android Companion App com.tgelec.setracker versions 3.1.5 and prior only require the password hash when authenticating with backend services from the client. This could allow an attacker, who knows the hash, to authenticate and gain full access.
CVSS Information
CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H
Vulnerability Type
在认证机制中使用口令哈希代替口令
Vulnerability Title
Shenzhen i365-Tech Setracker2 Parental Control App 授权问题漏洞
Vulnerability Description
Shenzhen i365-Tech Setracker2 Parental Control App是Shenzhen i365-Tech公司的一款家长控制应用。 Shenzhen i365-Tech Setracker2 Parental Control App 3.1.5及之前版本存在授权问题漏洞,该漏洞源于仅需密码哈希进行客户端与后端服务身份验证,可能导致知道哈希的攻击者通过身份验证并获得完全访问权限。
CVSS Information
N/A
Vulnerability Type
N/A