Browse all 7 CVE security advisories affecting Plug&Track. AI-powered Chinese analysis, POCs, and references for each vulnerability.
Plug&Track serves as a vehicle tracking and fleet management solution, enabling real-time monitoring of assets and drivers. Historically, it has been susceptible to multiple remote code execution (RCE) and cross-site scripting (XSS) vulnerabilities, alongside privilege escalation flaws that could allow unauthorized access to sensitive location and operational data. The platform's exposure stems from its web interface and API integrations, with seven CVEs documenting these weaknesses. While no major public incidents have been widely reported, the consistent pattern of vulnerabilities suggests potential for significant compromise if exploited, particularly given the sensitive nature of location and fleet data.
| CVE ID | Title | CVSS | Severity | Published |
|---|---|---|---|---|
| CVE-2024-31203 | Plug and Track Thermoscan IP 安全漏洞 — Thermoscan IPCWE-121 | 3.3 | Low | 2024-07-31 |
| CVE-2024-31202 | Plug and Track Thermoscan IP 安全漏洞 — Thermoscan IPCWE-732 | 7.8 | High | 2024-07-31 |
| CVE-2024-31201 | Plug and Track Thermoscan IP 安全漏洞 — Thermoscan IPCWE-428 | 6.5 | Medium | 2024-07-31 |
This page lists every published CVE security advisory associated with Plug&Track. Each entry links to a detailed page with CVSS scoring, CWE classification, affected products and references. AI-generated Chinese analysis is provided for fast triage.