Showing 1 - 6 of 6

Files from Dennis van Warmerdam

First Active	2024-07-30
Last Active	2024-07-30

One2Track 2019-12-08 Information Disclosure: Posted Jul 30, 2024; Authored by Jasper Nota, Jim Blankendaal, Dennis van Warmerdam; An issue was discovered on One2Track 2019-12-08 devices. Confidential information is needlessly stored on the smartwatch. Audio files are stored in .amr format, in the audior directory. An attacker who has physical access can retrieve all audio files by connecting via a USB cable.; tags | advisory, info disclosure; advisories | CVE-2019-20469; SHA-256 | 21d88cd70375a513ca358325971700e907cca09906e21a62eda4bd9a20252236; Download | Favorite | View

One2Track 2019-12-08 Missing PIN: Posted Jul 30, 2024; Authored by Jasper Nota, Jim Blankendaal, Dennis van Warmerdam; An issue was discovered on One2Track 2019-12-08 devices. Any SIM card used with the device cannot have a PIN configured. If a PIN is configured, the device simply produces a "Remove PIN and restart!" message, and cannot be used. This makes it easier for an attacker to use the SIM card by stealing the device.; tags | advisory; advisories | CVE-2019-20472; SHA-256 | c354352413f8666ba1eec42b7fabff8e3f67cfd24cf5d6949f74962a76b6e758; Download | Favorite | View

SeTracker2 Excessive Permissions: Posted Jul 30, 2024; Authored by Jasper Nota, Jim Blankendaal, Dennis van Warmerdam; An issue was discovered in SeTracker2 for TK-Star Q90 Junior GPS horloge 3.1042.9.8656 devices. It has unnecessary permissions such as READ_EXTERNAL_STORAGE, WRITE_EXTERNAL_STORAGE, and READ_CONTACTS.; tags | advisory; advisories | CVE-2019-20468; SHA-256 | 806a413eb345bf884dd2711847e2efb60cd41b51c64dc7189d3c7e0007fe10cc; Download | Favorite | View

TK-Star Q90 Junior GPS Horloge 3.1042.9.8656 Default Password: Posted Jul 30, 2024; Authored by Jasper Nota, Jim Blankendaal, Dennis van Warmerdam; An issue was discovered on TK-Star Q90 Junior GPS horloge 3.1042.9.8656 devices. When using the device at initial setup, a default password is used (123456) for administrative purposes. There is no prompt to change this password. Note that this password can be used in combination with CVE-2019-20470.; tags | advisory; advisories | CVE-2019-20470, CVE-2019-20471; SHA-256 | e8053fe5ffde193ef64f389c10296bdc5332d86109140c7971011eee3c2c7921; Download | Favorite | View

TK-Star Q90 Junior GPS Horloge 3.1042.9.8656 Missing PIN: Posted Jul 30, 2024; Authored by Jasper Nota, Jim Blankendaal, Dennis van Warmerdam; An issue was discovered on TK-Star Q90 Junior GPS horloge 3.1042.9.8656 devices. Any SIM card used with the device cannot have a PIN configured. If a PIN is configured, the device simply produces a "Remove PIN and restart!" message, and cannot be used. This makes it easier for an attacker to use the SIM card by stealing the device.; tags | advisory; advisories | CVE-2019-20473; SHA-256 | 71e557db13170d553f8222b252adfde3c496c8b680f843aad63c276633d096ae; Download | Favorite | View

TK-Star Q90 Junior GPS Horlage 3.1042.9.8656 SMS Control: Posted Jul 30, 2024; Authored by Jasper Nota, Jim Blankendaal, Dennis van Warmerdam; An issue was discovered on TK-Star Q90 Junior GPS horloge 3.1042.9.8656 devices. It performs actions based on certain SMS commands. This can be used to set up a voice communication channel from the watch to any telephone number, initiated by sending a specific SMS and using the default password, e.g., pw,password,call,mobile_number triggers an outbound call from the watch. The password is sometimes available because of CVE-2019-20471.; tags | advisory, telephony; advisories | CVE-2019-20470, CVE-2019-20471; SHA-256 | c037e2ee83a5523ffd033fa937fdfb763b41df886c5224e3cf246b802481b761; Download | Favorite | View

Page 1 of 1 Back 1 Next

Top Authors In Last 30 Days