CVE-2020-17483

Published: Dec 16, 2023Modified: Jun 17, 2026

7.5

Vector

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N

Exploitability: 3.9 / Impact: 3.6

Source: NVD

Description

An improper access control vulnerability exists in Uffizio's GPS Tracker all versions that lead to sensitive information disclosure of all the connected devices. By visiting the vulnerable host at port 9000, we see it responds with a JSON body that has all the details about the devices which have been deployed.

Affected (1)

Products: Uffizio: Gps Tracker

1 product

Configuration A

1 vulnerable

Vulnerable Software	Affected Versions
Uffizio Gps Tracker	All versions

References (4)

https://www.cisa.gov/news-events/ics-advisories/icsa-21-287-02

Source: cve@mitre.org

Third Party AdvisoryUS Government Resource

https://www.uffizio.com/

Source: cve@mitre.org

Product

https://www.cisa.gov/news-events/ics-advisories/icsa-21-287-02

Source: af854a3a-2127-422b-91ae-364da2661108

Third Party AdvisoryUS Government Resource

https://www.uffizio.com/

Source: af854a3a-2127-422b-91ae-364da2661108

Product

Timeline

No history available yet.