Critical severity9.8NVD Advisory· Published Jul 20, 2022· Updated Jun 17, 2026
CVE-2022-2107
CVE-2022-2107
Description
The MiCODUS MV720 GPS tracker API server has an authentication mechanism that allows devices to use a hard-coded master password. This may allow an attacker to send SMS commands directly to the GPS tracker as if they were coming from the GPS owner’s mobile number.
Affected products
3Patches
Vulnerability mechanics
References
1- www.cisa.gov/uscert/ics/advisories/icsa-22-200-01nvdThird Party AdvisoryUS Government Resource
News mentions
0No linked articles in our index yet.