Idan Shechter

1 exploit Active since Jan 2018
CVE-2017-13208 NOMISEC CRITICAL SCANNER
Android 5.1.1-8.1 - Remote Code Execution via DHCP Response Bounds Check Bypass
In receive_packet of libnetutils/packet.c, there is a possible out-of-bounds write due to a missing bounds check on the DHCP response. This could lead to remote code execution as a privileged process with no additional execution privileges needed. User interaction is not needed for exploitation. Product: Android. Versions: 5.1.1, 6.0, 6.0.1, 7.0, 7.1.1, 7.1.2, 8.0, 8.1. Android ID: A-67474440.
1 stars
CVSS 9.8