Security Advisory

CVE-2018-1000881

CVE vulnerability detail — eXtreme Datacenter Security Operations

Published 2018-12-20 17:00:00
Last updated 2024-09-17 03:34:16
Assigner mitre
State PUBLISHED

Description

Traccar Traccar Server version 4.0 and earlier contains a CWE-94: Improper Control of Generation of Code (Code Injection) vulnerability in ComputedAttributesHandler.java that can result in Remote Command Execution. This attack appear to be exploitable via Remote: web application request by a self-registered user. This vulnerability appears to have been fixed in 4.1 and later.