CVE-2023-5499

Severity CVSS v4.0:
Pending analysis
Type:
CWE-532 Information Exposure Through Log Files
Publication date:
10/10/2023
Last modified:
19/12/2023

Description

Information exposure vulnerability in Shenzhen Reachfar v28, the exploitation of which could allow a remote attacker to retrieve all the week's logs stored in the 'log2' directory. An attacker could retrieve sensitive information such as remembered wifi networks, sent messages, SOS device locations and device configurations.

Vulnerable products and versions

CPE From Up to
cpe:2.3:o:reachfargps:reachfar_gps_firmware:28:*:*:*:*:*:*:*
cpe:2.3:h:reachfargps:reachfar_gps:-:*:*:*:*:*:*:*