CVE-2023-27648

Опубликовано: 14 апр. 2023

Источник: nvd

CVSS3: 9.8

EPSS Низкий

Описание

Directory Traversal vulnerability found in T-ME Studios Change Color of Keypad v.1.275.1.277 allows a remote attacker to execute arbitrary code via the dex file in the internal storage.

Ссылки

https://corporate.timmystudios.com/
Product
https://github.com/LianKee/SODA/blob/main/CVEs/CVE-2023-27648/CVE%20detail.md
Exploit
Third Party Advisory
https://play.google.com/store/apps/details?id=com.jb.gokeyboard.theme.twchangecolorofkeypad
Product
https://corporate.timmystudios.com/
Product
https://github.com/LianKee/SODA/blob/main/CVEs/CVE-2023-27648/CVE%20detail.md
Exploit
Third Party Advisory
https://play.google.com/store/apps/details?id=com.jb.gokeyboard.theme.twchangecolorofkeypad
Product

Уязвимые конфигурации

Конфигурация 1

cpe:2.3:a:timmystudios:change_color_of_keypad:1.275.1.277:*:*:*:*:android:*:*

EPSS

Процентиль: 88%

0.03722

Низкий

9.8 Critical

CVSS3

Дефекты

CWE-22

Связанные уязвимости

GHSA-6vwg-w32r-x8wm