The Xelex MobileTrack application 2.3.7 and earlier for Android does not verify the origin of SMS commands, which allows remote attackers to execute a (1) LOCATE, (2) TRACK, (3) UPDATECFG, (4) UPDATEACCT, (5) STAT, (6) TERM, or (7) WIPE command via an SMS message.
References
History
No history.
MITRE Information
Status: PUBLISHED
Assigner: certcc
Published: 2012-05-22T15:00:00
Updated: 2017-08-28T12:57:01
Reserved: 2012-05-09T00:00:00
Link: CVE-2012-2562
JSON object: View
NVD Information
Status : Modified
Published: 2012-05-22T15:55:02.367
Modified: 2017-08-29T01:31:37.570
Link: CVE-2012-2562
JSON object: View
Redhat Information
No data.