on 19 July 2022, Cybersecurity & Infrastrucure Security Agency [CISA] issued an advisory # (ICSA-22-200-01) for the MiCODUS MV720 GPS tracker due to a range of serious vulnerabilities including use of hard-coded Credentials, Improper Authentication, Cross-site Scripting, Authorization Bypass Through User-controlled Key.

The MV720 is a DIY device that can be fitted to a vehicle. It is available from Amazon and has capabilities including cellular-enabled GPS tracker which uses a SIM card to transmit status, location updates & can receive SMS commands from its user(s), including cutting off oil supply. https://www.cisa.gov/uscert/ics/advisories/icsa-22-200-01

I followed up by checking Amazon.co.uk & sure enough the device was selling for £18 [about $22] but with no reviews. I decided to be a good citizen & submitted a review of the device to warn others who may consider buying the gadget, although I had not purchased one.

Based on the company's reputation, there was no real surprise when a couple of days after submitting my review, Amazon replied stating "after carefully reviewing your submission your review could not be posted to the website. It appears your content did not comply with our guidelines."

So much for Amazon caring about their customers, they just want commission for selling this defective device.