Описание
On TCL Alcatel Cingular Flip 2 B9HUAH1 devices, there is an engineering application named omamock that is vulnerable to OS command injection. An attacker with physical access to the device can abuse this vulnerability to execute arbitrary OS commands as the root user via the application's UI.
Ссылки
- Third Party Advisory
- ExploitThird Party Advisory
- Third Party Advisory
- ExploitThird Party Advisory
Уязвимые конфигурации
Конфигурация 1
Одновременно
cpe:2.3:o:alcatelmobile:cingular_flip_2_firmware:b9huah1:*:*:*:*:*:*:*
cpe:2.3:h:alcatelmobile:cingular_flip_2:-:*:*:*:*:*:*:*
EPSS
Процентиль: 70%
0.00626
Низкий
6.8 Medium
CVSS3
7.2 High
CVSS2
Дефекты
CWE-78
Связанные уязвимости
github
больше 3 лет назад
On TCL Alcatel Cingular Flip 2 B9HUAH1 devices, there is an engineering application named omamock that is vulnerable to OS command injection. An attacker with physical access to the device can abuse this vulnerability to execute arbitrary OS commands as the root user via the application's UI.
EPSS
Процентиль: 70%
0.00626
Низкий
6.8 Medium
CVSS3
7.2 High
CVSS2
Дефекты
CWE-78