Traccar Server
Source repositories
CVEs (3)
| CVE | Vendor / Product | Sev | Risk | CVSS | EPSS | KEV | Published | Description |
|---|---|---|---|---|---|---|---|---|
| CVE-2018-1000881 | 0.01 | — | 0.04 | Dec 20, 2018 | Traccar Traccar Server version 4.0 and earlier contains a CWE-94: Improper Control of Generation of Code ('Code Injection') vulnerability in ComputedAttributesHandler.java that can result in Remote Command Execution. This attack appear to be exploitable via Remote: web… | |||
| CVE-2024-7746 | 0.00 | — | 0.01 | Aug 13, 2024 | Use of Default Credentials vulnerability in Tananaev Solutions Traccar Server on Administrator Panel modules allows Authentication Abuse.This issue affects the privileged transactions implemented by the Traccar solution that should otherwise be protected by the authentication… | |||
| CVE-2019-5748 | 0.00 | — | 0.02 | Jan 9, 2019 | In Traccar Server version 4.2, protocol/SpotProtocolDecoder.java might allow XXE attacks. |
- CVE-2018-1000881Dec 20, 2018risk 0.01cvss —epss 0.04
Traccar Traccar Server version 4.0 and earlier contains a CWE-94: Improper Control of Generation of Code ('Code Injection') vulnerability in ComputedAttributesHandler.java that can result in Remote Command Execution. This attack appear to be exploitable via Remote: web…
- CVE-2024-7746Aug 13, 2024risk 0.00cvss —epss 0.01
Use of Default Credentials vulnerability in Tananaev Solutions Traccar Server on Administrator Panel modules allows Authentication Abuse.This issue affects the privileged transactions implemented by the Traccar solution that should otherwise be protected by the authentication…
- CVE-2019-5748Jan 9, 2019risk 0.00cvss —epss 0.02
In Traccar Server version 4.2, protocol/SpotProtocolDecoder.java might allow XXE attacks.