cve/CVE-2023-40121.md at b8bb3913ae5ed6689c69f4d953bda7435b2f2da7

admin/cve

mirror of https://github.com/0xMarcio/cve.git synced 2025-05-06 02:31:38 +00:00

0xMarcio 48a00929ac Removed duplicates

2024-06-18 02:51:15 +02:00

Description

In appendEscapedSQLString of DatabaseUtils.java, there is a possible SQL injection due to unsafe deserialization. This could lead to local information disclosure with User execution privileges needed. User interaction is not needed for exploitation.

POC

Reference

3287ac2d25

Github

https://github.com/hshivhare67/platform_framework_base_AOSP6_r22_CVE-2023-40121
https://github.com/hshivhare67/platform_framework_base_android-4.2.2_r1_CVE-2023-40121
https://github.com/nidhi7598/frameworks_base_AOSP10_r33_core_CVE-2023-40121
https://github.com/nomi-sec/PoC-in-GitHub

1.0 KiB Raw Blame History

CVE-2023-40121

Description

POC

Reference

Github

1.0 KiB

Raw Blame History