Vulmon
Recent Vulnerabilities
Product List
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
micodus mv720 firmware - vulnerabilities and exploits
(subscribe to this query)
5.4
CVSSv3
CVE-2022-34150
The main MiCODUS MV720 GPS tracker web server has an authenticated insecure direct object reference vulnerability on endpoint and parameter device IDs, which accept arbitrary device IDs without further verification.
Micodus Mv720 Firmware -
1 Article
6.5
CVSSv3
CVE-2022-33944
The main MiCODUS MV720 GPS tracker web server has an authenticated insecure direct object references vulnerability on endpoint and POST parameter “Device ID,” which accepts arbitrary device IDs.
Micodus Mv720 Firmware -
1 Article
9.8
CVSSv3
CVE-2022-2107
The MiCODUS MV720 GPS tracker API server has an authentication mechanism that allows devices to use a hard-coded master password. This may allow an malicious user to send SMS commands directly to the GPS tracker as if they were coming from the GPS owner’s mobile number.
Micodus Mv720 Firmware -
1 Article
6.1
CVSSv3
CVE-2022-2199
The main MiCODUS MV720 GPS tracker web server has a reflected cross-site scripting vulnerability that could allow an malicious user to gain control by tricking a user into making a request.
Micodus Mv720 Firmware -
1 Article
9.8
CVSSv3
CVE-2022-2141
SMS-based GPS commands can be executed by MiCODUS MV720 GPS tracker without authentication.
Micodus Mv720 Firmware -
1 Article
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-23692
malicious code
XML injection
CVE-2024-28020
CVE-2024-35252
CVE-2024-5833
CVE-2024-30066
injection
CVE-2024-23282
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started