在线时间:8:00-16:00
迪恩网络APP
随时随地掌握行业动态
扫描二维码
关注迪恩网络微信公众号
CVE-2019-9939SHAREit application for Android 安全漏洞 发布时间:2019-03-22类型:CANstatus:Candidatephase:Assigned操作系统:Android 漏洞描述SHAREit application for Android是中国众联极享科技(SHAREit)公司的一款基于Android平台的内容分发应用程序。该程序主要用于设备之间的文件传输。 基于Android平台的SHAREit应用4.0.36之前版本中存在授权问题漏洞,该漏洞源于网络系统或产品中缺少身份验证措施或身份验证强度不足。The SHAREit application before 4.0.36 for Android allows a remote attacker (on the same network or joining public "open" Wi-Fi hotspots created by the application when file transfer is initiated) to bypass authentication by trying to fetch a non-existing page. When the non-existing page is requested, the application responds with a 200 status code and empty page, and adds the requesting client device into the list of recognized devices. |
2023-10-27
2022-08-15
2022-08-17
2022-09-23
2022-08-13
请发表评论