Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
Location information exposure in Infinix Weather app
Vulnerability Description
Infinix devices contain a pre-loaded "com.rlk.weathers" application, that exposes an unsecured content provider. An attacker can communicate with the provider and reveal the user’s location without any privileges. After multiple attempts to contact the vendor we did not receive any answer. We suppose this issue affects all Infinix Mobile devices.
CVSS Information
N/A
Vulnerability Type
将系统数据暴露到未授权控制的范围
Vulnerability Title
Transsion Holdings Infinix Mobile devices 安全漏洞
Vulnerability Description
Transsion Holdings Infinix Mobile devices是中国传音控股(Transsion Holdings)公司的一系列移动设备。 Transsion Holdings Infinix Mobile devices存在安全漏洞,该漏洞源于预装的com.rlk.weathers应用暴露了未加保护的内容提供者,允许攻击者在无需任何权限的情况下与提供者通信并揭露用户位置。
CVSS Information
N/A
Vulnerability Type
N/A