CVE-2020-36245

Опубликовано: 17 фев. 2021

Источник: nvd

CVSS3: 8.8

CVSS2: 5.8

EPSS Низкий

Описание

GramAddict through 1.2.3 allows remote attackers to execute arbitrary code because of use of UIAutomator2 and ATX-Agent. The attacker must be able to reach TCP port 7912, e.g., by being on the same Wi-Fi network.

Ссылки

https://github.com/GramAddict/bot/issues/134
Exploit
Third Party Advisory
https://github.com/GramAddict/bot/issues/134
Exploit
Third Party Advisory

Уязвимые конфигурации

Конфигурация 1

cpe:2.3:a:gramaddict:gramaddict:*:*:*:*:*:*:*:*

Версия до 1.2.3 (включая)

EPSS

Процентиль: 58%

0.0036

Низкий

8.8 High

CVSS3

5.8 Medium

CVSS2

Дефекты

CWE-306

Связанные уязвимости

GHSA-q5h6-49gg-2wfg