CVE-2023-49003

MEDIUM

Simple Mobile Tools Simple Dialer <5.18.1 - Auth Bypass

Title source: llm

Description

An issue in simplemobiletools Simple Dialer 5.18.1 allows an attacker to bypass intended access restrictions via interaction with com.simplemobiletools.dialer.activities.DialerActivity.

Exploits (1)

nomisec WRITEUP 1 stars

by actuator · poc

https://github.com/actuator/com.simplemobiletools.dialer

View Code ZIP pw:eip

References (2)

Core 2

Core References

Exploit

https://github.com/actuator/com.simplemobiletools.dialer/blob/main/CWE-928.md

Third Party Advisory

https://github.com/actuator/cve/blob/main/CVE-2023-49003

Scores

CVSS v3 5.3

EPSS 0.0019

EPSS Percentile 40.8%

Attack Vector NETWORK

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N

Details

CWE

CWE-862

Status published

Products (1)

simplemobiletools/simple_dialer 5.18.1

Published Dec 27, 2023

Tracked Since Feb 18, 2026