Browse all 5 CVE security advisories affecting iTrack. AI-powered Chinese analysis, POCs, and references for each vulnerability.
iTrack is a vulnerability management platform designed to identify, track, and remediate security weaknesses across organizational assets. Historically, it has been associated with common vulnerability classes including remote code execution, cross-site scripting, and privilege escalation flaws. The platform has recorded five CVEs to date, with notable security characteristics including its integration capabilities with various security tools. While no major public incidents have been widely reported, the presence of CVEs indicates potential areas for improvement in secure coding practices and input validation. Organizations implementing iTrack should ensure timely patching of identified vulnerabilities to maintain security posture.
| CVE ID | Title | CVSS | Severity | Published |
|---|---|---|---|---|
| CVE-2016-6542 | The MAC address/device tracking ID of an iTrack Easy can be obtained within range of the device — EasyCWE-200 | 5.3 | - | 2018-07-13 |
| CVE-2016-6543 | A captured MAC/device ID of an iTrack Easy can be registered under multiple user accounts allowing access to getgps GPS data — EasyCWE-799 | 7.5 | - | 2018-07-13 |
| CVE-2016-6544 | iTrack Easy's getgps data can be modified without authentication — EasyCWE-306 | 7.5 | - | 2018-07-13 |
| CVE-2016-6545 | iTrack Easy does not use session cookies to maintain sessions and POSTs the users password over HTTPS for each request — EasyCWE-613 | 9.8 | - | 2018-07-13 |
| CVE-2016-6546 | iTrack Easy mobile application stores the user password in base-64 encoding/cleartext — EasyCWE-313 | 8.4 | - | 2018-07-13 |
This page lists every published CVE security advisory associated with iTrack. Each entry links to a detailed page with CVSS scoring, CWE classification, affected products and references. AI-generated Chinese analysis is provided for fast triage.