Unrated severityNVD Advisory· Published Jul 20, 2022· Updated Apr 16, 2025

ICSA-22-200-01 MiCODUS MV720 GPS tracker Use of Hard-coded Credentials

CVE-2022-2107

Description

The MiCODUS MV720 GPS tracker API server has an authentication mechanism that allows devices to use a hard-coded master password. This may allow an attacker to send SMS commands directly to the GPS tracker as if they were coming from the GPS owner’s mobile number.

Affected products

Mico/Mv720v5
Range: All versions

Patches

No patches discovered yet.

Vulnerability mechanics

AI mechanics synthesis has not run for this CVE yet.

References

www.cisa.gov/uscert/ics/advisories/icsa-22-200-01mitrex_refsource_CONFIRM

News mentions

No linked articles in our index yet.

cvss	0.000
epss	0.000
exploit	0.000
kev	0.000
patch	0.000
ransomware	0.000