cve/CVE-2023-40121.md at dd6a10065df501f0a524d47b55e162f16811ba93

admin/cve

mirror of https://github.com/0xMarcio/cve.git synced 2025-05-06 02:31:38 +00:00

0xMarcio 48a00929ac Removed duplicates

2024-06-18 02:51:15 +02:00

Description

In appendEscapedSQLString of DatabaseUtils.java, there is a possible SQL injection due to unsafe deserialization. This could lead to local information disclosure with User execution privileges needed. User interaction is not needed for exploitation.

POC

Reference

3287ac2d25

Github

https://github.com/hshivhare67/platform_framework_base_AOSP6_r22_CVE-2023-40121
https://github.com/hshivhare67/platform_framework_base_android-4.2.2_r1_CVE-2023-40121
https://github.com/nidhi7598/frameworks_base_AOSP10_r33_core_CVE-2023-40121
https://github.com/nomi-sec/PoC-in-GitHub

1.0 KiB Raw Blame History

CVE-2023-40121

Description

POC

Reference

Github

1.0 KiB

Raw Blame History