CVE-2023-47355

HIGH

Eyuepcanyilmaz Root Quick Reboot - Improper Input Validation

Title source: rule

Description

The com.eypcnnapps.quickreboot (aka Eyuep Can Yilmaz {ROOT] Quick Reboot) application 1.0.8 for Android has exposed broadcast receivers for PowerOff, Reboot, and Recovery (e.g., com.eypcnnapps.quickreboot.widget.PowerOff) that are susceptible to unauthorized broadcasts because of missing input validation.

Exploits (1)

nomisec WRITEUP 1 stars

by actuator · poc

https://github.com/actuator/com.eypcnnapps.quickreboot

View Code ZIP pw:eip

References (2)

Core 2

Core References

Exploit, Third Party Advisory

https://github.com/actuator/com.eypcnnapps.quickreboot/blob/main/CWE-925.md

Product

https://play.google.com/store/apps/details?id=com.eypcnnapps.quickreboot

Scores

CVSS v3 7.5

EPSS 0.0025

EPSS Percentile 48.6%

Attack Vector NETWORK

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

CISA SSVC

Vulnrichment

Exploitation none

Automatable yes

Technical Impact partial

Details

CWE

CWE-20

Status published

Products (1)

eyuepcanyilmaz/root_quick_reboot 1.0.8

Published Feb 05, 2024

Tracked Since Feb 18, 2026