HIGH🇬🇧 English

CVE-2023-26310

CVSS 7.4v3.1pub. 2023-08-09upd. 2024-11-21

There is a command injection problem in the old version of the mobile phone backup app.

oryginał EN
CVSS Vector
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:L/I:L/A:L
  • Oppo Coloros

    OS
    Oppo
    12.3
  • Oppo Find X3

    HW
    Oppo
    wszystkie wersje
🔵
ZWERYFIKUJ U PRODUCENTA
Brak jednoznacznych danych o patchu. Sprawdź referencje od producenta.
CWE
Referencje

Powiązane podatności

CVE-2020-11829CRITICAL9.8ten sam produkt

Dynamic loading of services in the backup and restore SDK leads to elevated privileges, affected product is co...

CVE-2021-23246HIGH7.5ten sam produkt

In ACE2 ColorOS11, the attacker can obtain the foreground package name through permission promotion, resulting...

CVE-2021-23244HIGH7.8ten sam produkt

ColorOS pregrant dangerous permissions to apps which are listed in a whitelist xml named default-grant-permiss...

CVE-2020-11828HIGH7.5ten sam produkt

In ColorOS (oppo mobile phone operating system, based on AOSP frameworks/native code position/services/surface...

CVE-2024-1608CRITICAL9.1PL ✓ten sam vendor

Privilege escalation w OPPO Usercenter Credit SDK — wyciek danych aplikacji

CVE-2023-26310 — HIGH 7.4 | CVEbaza.pl