CVE-2020-6869
HIGHZTEMarket APK < 10.06 - Information Leak via Activity Component Exposure
Title source: llmDescription
All versions up to 10.06 of ZTEMarket APK are impacted by an information leak vulnerability. Due to Activity Component exposure users can exploit this vulnerability to get the private cookie and execute silent installation.
References (1)
Core 1
Core References
Vendor Advisory x_refsource_misc
http://support.zte.com.cn/support/news/LoopholeInfoDetail.aspx?newsId=1013022
Scores
CVSS v3
8.1
EPSS
0.0032
EPSS Percentile
54.9%
Attack Vector
NETWORK
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:N
Details
Status
published
Products (1)
zte/ztemarket_apk
< 10.06
Published
Jun 17, 2020
Tracked Since
Feb 18, 2026