CVE-2024-7746

See a problem?
Please try reporting it to the source first.

Source

https://nvd.nist.gov/vuln/detail/CVE-2024-7746

Import Source

https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2024-7746.json

JSON Data

https://api.osv.dev/v1/vulns/CVE-2024-7746

Published

2024-08-13T16:15:09Z

Modified

2025-02-19T03:38:54.998292Z

Severity

9.8 (Critical) CVSS_V3 - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H CVSS Calculator

Summary

[none]

Details

Use of Default Credentials vulnerability in Tananaev Solutions Traccar Server on Administrator Panel modules allows Authentication Abuse.This issue affects the privileged transactions implemented by the Traccar solution that should otherwise be protected by the authentication mechanism. These transactions could have an impact on any sensitive aspect of the platform, including Confidentiality, Integrity and Availability.

References

https://asrg.io/security-advisories/cve-2024-7746/

Affected packages

Git / github.com/traccar/traccar

Affected ranges

Type: GIT
Repo: https://github.com/traccar/traccar
Events: Introduced

b068ca92dae416d0300f1092e4c11826596e4e1b

Last affected

9a285e59e580994dc9c3f80935f766f3dafdcd46

Affected versions

v2.*

v2.12

v3.*

v3.0

v3.1

v3.10

v3.11

v3.12

v3.13

v3.14

v3.15

v3.16

v3.17

v3.2

v3.4

v3.5

v3.6

v3.7

v3.8

v3.9

v4.*

v4.0

v4.1

v4.10

v4.11

v4.12

v4.13

v4.14

v4.15

v4.2

v4.3

v4.4

v4.5

v4.6

v4.7

v4.8

v4.9

v5.*

v5.0

v5.1

v5.10

v5.11

v5.12

v5.2

v5.3

v5.4

v5.5

v5.6

v5.7

v5.8

v5.9

v6.*

v6.0