Low severity2.4NVD Advisory· Published Aug 28, 2025· Updated Jun 17, 2026
CVE-2025-51643
CVE-2025-51643
Description
Meitrack T366G-L GPS Tracker devices contain an SPI flash chip (Winbond 25Q64JVSIQ) that is accessible without authentication or tamper protection. An attacker with physical access to the device can use a standard SPI programmer to extract the firmware using flashrom. This results in exposure of sensitive configuration data such as APN credentials, backend server information, and network parameter
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected products
2- Meitrack/T366G-L GPS Trackerdescription
Patches
Vulnerability mechanics
News mentions
0No linked articles in our index yet.