CVE-2023-47355

HIGH

Eyuep Can Yilmaz [ROOT] Quick Reboot 1.0.8 - Unauthenticated Denial of Service via Exposed Broadcast Receivers

Title source: llm
STIX 2.1

Exploitation Summary

EIP tracks 1 public exploit for CVE-2023-47355. PoCs published by actuator.

AI-analyzed exploit summary The repository provides a detailed technical analysis of CVE-2023-47355, focusing on exposed broadcast receivers in the Android app 'com.eypcnnapps.quickreboot' v1.0.8. It includes a PoC demonstrating how unauthorized broadcasts can trigger unintended actions like DoS via crafted intents.

Description

The com.eypcnnapps.quickreboot (aka Eyuep Can Yilmaz {ROOT] Quick Reboot) application 1.0.8 for Android has exposed broadcast receivers for PowerOff, Reboot, and Recovery (e.g., com.eypcnnapps.quickreboot.widget.PowerOff) that are susceptible to unauthorized broadcasts because of missing input validation.

Exploits (1)

nomisec WRITEUP 1 stars
by actuator · poc
https://github.com/actuator/com.eypcnnapps.quickreboot

The repository provides a detailed technical analysis of CVE-2023-47355, focusing on exposed broadcast receivers in the Android app 'com.eypcnnapps.quickreboot' v1.0.8. It includes a PoC demonstrating how unauthorized broadcasts can trigger unintended actions like DoS via crafted intents.

Classification
Writeup 90%
Attack Type
Dos
Complexity
Trivial
Reliability
Reliable
Target: com.eypcnnapps.quickreboot v1.0.8
No auth needed
Prerequisites: Android device with the vulnerable app installed · Ability to send broadcast intents (no special permissions required)
devstral-2 · analyzed Feb 18, 2026 Full analysis →

References (2)

Core 2

Scores

CVSS v3 7.5
EPSS 0.0077
EPSS Percentile 50.8%
Attack Vector NETWORK
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

CISA SSVC

Vulnrichment
Exploitation none
Automatable yes
Technical Impact partial

Details

CWE
CWE-20
Status published
Products (1)
eyuepcanyilmaz/root_quick_reboot 1.0.8
Published Feb 05, 2024
Tracked Since Feb 18, 2026