CVE-2023-43955
- Reference to the description:
- Description:
- The com.phlox.tvwebbrowser TV Bro application through 2.0.0 for Android mishandles external intents through WebView. This allows attackers to execute arbitrary code, create arbitrary files. and perform arbitrary downloads via JavaScript that uses takeBlobDownloadData.
- Last updated date:
- 01/09/2024
- Type:
- exploit
- Confidence:
- HIGH
- Date of publishing:
- 01/09/2024
- Reference url to background
- Type:
- exploit
- Confidence:
- HIGH
- Date of publishing:
- 01/09/2024
- Reference url to background
https://github.com/actuator/com.phlox.tvwebbrowser/blob/main/CWE-94.md
- Type:
- exploit
- Confidence:
- HIGH
- Date of publishing:
- 01/09/2024
- Reference url to background
https://github.com/actuator/com.phlox.tvwebbrowser/blob/main/poc.apk