Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
N/A
Vulnerability Description
The ASUS ZenFone 3 Max Android device with a build fingerprint of asus/US_Phone/ASUS_X008_1:7.0/NRD90M/US_Phone-14.14.1711.92-20171208:user/release-keys contains a pre-installed app with a package name of com.asus.loguploader (versionCode=1570000275, versionName=7.0.0.55_170515). This app contains an exported service app component named com.asus.loguploader.LogUploaderService that, when accessed with a particular action string, will write a bugreport (kernel log, logcat log, and the state of system services including the text of active notifications), Wi-Fi Passwords, and other system data to external storage (sdcard). Any app with the READ_EXTERNAL_STORAGE permission on this device can read this data from the sdcard after it has been dumped there by the com.asus.loguploader. Third-party apps are not allowed to directly create a bugreport or access the user's stored wireless network credentials.
CVSS Information
N/A
Vulnerability Type
N/A
Vulnerability Title
ASUS ZenFone 3 Max 安全漏洞
Vulnerability Description
ASUS ZenFone 3 Max是华硕(ASUS)公司的一款基于Android平台的智能手机。 ASUS ZenFone 3 Max(所使用的Build fingerprint为asus/US_Phone/ASUS_X008_1:7.0/NRD90M/US_Phone-14.14.1711.92-20171208:user/release-keys)中的预安装应用程序的com.asus.loguploader数据包的com.asus.loguploader.LogUploaderService组件存在
CVSS Information
N/A
Vulnerability Type
N/A