actuator

20 exploits Active since Jun 2023
CVE-2024-23729 NOMISEC MEDIUM WORKING POC
ColorOS Internet Browser 45.10.3.4.1 - Remote Code Execution via RealBrowserActivity Component
The ColorOS Internet Browser com.heytap.browser application 45.10.3.4.1 for Android allows a remote attacker to execute arbitrary JavaScript code via the com.android.browser.RealBrowserActivity component.
8 stars
CVSS 6.1
CVE-2023-42470 NOMISEC CRITICAL WRITEUP
Imou Life < 6.8.0 - Remote Code Execution via Exported MainActivity Component
The Imou Life com.mm.android.smartlifeiot application through 6.8.0 for Android allows Remote Code Execution via a crafted intent to an exported component. This relates to the com.mm.android.easy4ip.MainActivity activity. JavaScript execution is enabled in the WebView, and direct web content loading occurs.
4 stars
CVSS 9.8
CVE-2023-47883 NOMISEC CRITICAL WRITEUP
vladymix/tv_browser < 4.5.1 - JavaScript Code Execution via Exposed MainActivity
The com.altamirano.fabricio.tvbrowser TV browser application through 4.5.1 for Android is vulnerable to JavaScript code execution via an explicit intent due to an exposed MainActivity.
2 stars
CVSS 9.8
CVE-2024-31974 NOMISEC MEDIUM NO CODE
Solarized FireDown Browser & Downloader 1.0.76 - XSS
The com.solarized.firedown (aka Solarized FireDown Browser & Downloader) application 1.0.76 for Android allows a remote attacker to execute arbitrary JavaScript code via a crafted intent. com.solarized.firedown.IntentActivity uses a WebView component to display web content and doesn't adequately sanitize the URI or any extra data passed in the intent by any installed application (with no permissions).
1 stars
CVSS 6.3
CVE-2024-36437 NOMISEC MEDIUM NO CODE
TextNow <24.17.0.2 - Code Injection
The com.enflick.android.TextNow (aka TextNow: Call + Text Unlimited) application 24.17.0.2 for Android enables any installed application (with no permissions) to place phone calls without user interaction by sending a crafted intent via the com.enflick.android.TextNow.activities.DialerActivity component.
1 stars
CVSS 6.5
CVE-2024-23727 NOMISEC HIGH WRITEUP
com.kamivision.yismart <1.0.0_20231219 - XSS
The YI Smart Kami Vision com.kamivision.yismart application through 1.0.0_20231219 for Android allows a remote attacker to execute arbitrary JavaScript code via an implicit intent to the com.ants360.yicamera.activity.WebViewActivity component.
1 stars
CVSS 8.4
CVE-2024-25731 NOMISEC HIGH NO CODE
Elink Smart eSmartCam 2.1.5 - Use of Hard-coded AES Encryption Keys
The Elink Smart eSmartCam (com.cn.dq.ipc) application 2.1.5 for Android contains hardcoded AES encryption keys that can be extracted from a binary file. Thus, encryption can be defeated by an attacker who can observe packet data (e.g., over Wi-Fi).
1 stars
CVSS 7.5
CVE-2023-47882 NOMISEC HIGH WRITEUP
Kami Vision YI IoT <4.1.9_20231127 - XSS
The Kami Vision YI IoT com.yunyi.smartcamera application through 4.1.9_20231127 for Android allows a remote attacker to execute arbitrary JavaScript code via an implicit intent to the com.ants360.yicamera.activity.WebViewActivity component.
1 stars
CVSS 7.1
CVE-2023-47889 NOMISEC HIGH WRITEUP
BINHDRM26 1.0.3 - Privilege Escalation
The Android application BINHDRM26 com.bdrm.superreboot 1.0.3, exposes several critical actions through its exported broadcast receivers. These exposed actions can allow any app on the device to send unauthorized broadcasts, leading to unintended consequences. The vulnerability is particularly concerning because these actions include powering off, system reboot & entering recovery mode.
1 stars
CVSS 7.8
CVE-2023-49002 NOMISEC HIGH WRITEUP
Xenom Technologies Phone Dialer-voice Call Dialer - Access Restriction Bypass
An issue in Xenom Technologies (sinous) Phone Dialer-voice Call Dialer v.1.2.5 allows an attacker to bypass intended access restrictions via interaction with com.funprime.calldialer.ui.activities.OutgoingActivity.
1 stars
CVSS 7.5
CVE-2023-49003 NOMISEC MEDIUM WRITEUP
Simple Mobile Tools Simple Dialer <5.18.1 - Auth Bypass
An issue in simplemobiletools Simple Dialer 5.18.1 allows an attacker to bypass intended access restrictions via interaction with com.simplemobiletools.dialer.activities.DialerActivity.
1 stars
CVSS 5.3
CVE-2023-42468 NOMISEC MEDIUM WRITEUP
color_phone <= 2.1.8-2 - Unauthenticated Phone Call Initiation via Exported DialerActivity Component
The com.cutestudio.colordialer application through 2.1.8-2 for Android allows a remote attacker to initiate phone calls without user consent, because of improper export of the com.cutestudio.dialer.activities.DialerActivity component. A third-party application (without any permissions) can craft an intent targeting com.cutestudio.dialer.activities.DialerActivity via the android.intent.action.CALL action in conjunction with a tel: URI, thereby placing a phone call.
1 stars
CVSS 5.3
CVE-2023-42469 NOMISEC LOW WRITEUP
full_dialer <= 1.0.1 - Unauthenticated Phone Call Placement via Crafted Intent
The com.full.dialer.top.secure.encrypted application through 1.0.1 for Android enables any installed application (with no permissions) to place phone calls without user interaction by sending a crafted intent via the com.full.dialer.top.secure.encrypted.activities.DialerActivity component.
1 stars
CVSS 3.3
CVE-2023-42471 NOMISEC CRITICAL WRITEUP
wave.ai.browser < 1.0.35 - Remote Code Execution via Crafted Intent
The wave.ai.browser application through 1.0.35 for Android allows a remote attacker to execute arbitrary JavaScript code via a crafted intent. It contains a manifest entry that exports the wave.ai.browser.ui.splash.SplashScreen activity. This activity uses a WebView component to display web content and doesn't adequately validate or sanitize the URI or any extra data passed in the intent by a third party application (with no permissions).
1 stars
CVSS 9.8
CVE-2023-43481 NOMISEC CRITICAL WORKING POC
Shenzhen TCL Browser TV Web BrowseHere <6.65.022 - XSS
An issue in Shenzhen TCL Browser TV Web BrowseHere (aka com.tcl.browser) 6.65.022_dab24cc6_231221_gp allows a remote attacker to execute arbitrary JavaScript code via the com.tcl.browser.portal.browse.activity.BrowsePageActivity component.
1 stars
CVSS 9.8
CVE-2023-43955 NOMISEC CRITICAL WRITEUP
TV Bro <=2.0.0 - Code Execution via WebView External Intents
The com.phlox.tvwebbrowser TV Bro application through 2.0.0 for Android mishandles external intents through WebView. This allows attackers to execute arbitrary code, create arbitrary files. and perform arbitrary downloads via JavaScript that uses takeBlobDownloadData.
1 stars
CVSS 9.8
CVE-2023-46447 NOMISEC MEDIUM WRITEUP
POPS! Rebel 5.0 - Cleartext Transmission of Sensitive Information via BLE
The POPS! Rebel application 5.0 for Android, in POPS! Rebel Bluetooth Glucose Monitoring System, sends unencrypted glucose measurements over BLE.
1 stars
CVSS 4.3
CVE-2023-47355 NOMISEC HIGH WRITEUP
Eyuep Can Yilmaz [ROOT] Quick Reboot 1.0.8 - Unauthenticated Denial of Service via Exposed Broadcast Receivers
The com.eypcnnapps.quickreboot (aka Eyuep Can Yilmaz {ROOT] Quick Reboot) application 1.0.8 for Android has exposed broadcast receivers for PowerOff, Reboot, and Recovery (e.g., com.eypcnnapps.quickreboot.widget.PowerOff) that are susceptible to unauthorized broadcasts because of missing input validation.
1 stars
CVSS 7.5
CVE-2023-42470 WRITEUP CRITICAL WRITEUP
Imou Life < 6.8.0 - Remote Code Execution via Exported MainActivity Component
The Imou Life com.mm.android.smartlifeiot application through 6.8.0 for Android allows Remote Code Execution via a crafted intent to an exported component. This relates to the com.mm.android.easy4ip.MainActivity activity. JavaScript execution is enabled in the WebView, and direct web content loading occurs.
CVSS 9.8
CVE-2023-34761 WRITEUP MEDIUM WRITEUP
7-Eleven Hello Cup 1.3.1 - Unauthenticated BLE Connection Bypass
An unauthenticated attacker within BLE proximity can remotely connect to a 7-Eleven LED Message Cup, Hello Cup 1.3.1 for Android, and bypass the application's client-side chat censor filter.
CVSS 6.5