Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
Setracker2 Children's Smartwatch Ecosystem Generation of Predictable Numbers or Identifiers
Vulnerability Description
Setracker2 Android Companion App com.tgelec.setracker versions 3.1.5 and prior have a predictable registration ID derived from IMEI. The enrollment system lacks additional authentication before assignment. If an attacker is able to obtain the registration ID, they would be able to arbitrarily enroll watches belonging to other users.
CVSS Information
CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:L/A:N
Vulnerability Type
可预测问题
Vulnerability Title
Shenzhen i365-Tech Setracker2 Parental Control App 加密问题漏洞
Vulnerability Description
Shenzhen i365-Tech Setracker2 Parental Control App是Shenzhen i365-Tech公司的一款家长控制应用。 Shenzhen i365-Tech Setracker2 Parental Control App 3.1.5及之前版本存在加密问题漏洞,该漏洞源于IMEI派生可预测的注册ID且注册系统缺乏额外身份验证,可能导致攻击者获取注册ID后任意注册属于其他用户的手表。
CVSS Information
N/A
Vulnerability Type
N/A