Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
N/A
Vulnerability Description
A certain software build for the Sharp Rouvo V device (SHARP/VZW_STTM21VAPP/STTM21VAPP:12/SP1A.210812.016/1KN0_0_530:user/release-keys) leaks the Wi-Fi MAC address and the Bluetooth MAC address to system properties that can be accessed by any local app on the device without any permissions or special privileges. Google restricted third-party apps from directly obtaining non-resettable device identifiers in Android 10 and higher, but in this instance they are leaked by a high-privilege process and can be obtained indirectly. This malicious app reads from the "ro.boot.wifi_mac" system property to indirectly obtain the Wi-Fi MAC address and reads the "ro.boot.bt_mac" system property to obtain the Bluetooth MAC address.
CVSS Information
N/A
Vulnerability Type
N/A
Vulnerability Title
flask-cors 安全漏洞
Vulnerability Description
Flask-CORS是Flask的跨源资源共享组件。 flask-cors 存在安全漏洞,该漏洞源于日志输出中和不当,允许攻击者破坏日志文件,可能掩盖其他攻击的踪迹、混淆日志处理工具以及伪造日志条目。
CVSS Information
N/A
Vulnerability Type
N/A