Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
File removal via path traversal in unsecured broadcast receiver in Bluebird barcode scanner application
Vulnerability Description
Bluebird devices contain a pre-loaded barcode scanner application. This application exposes an unsecured broadcast receiver "kr.co.bluebird.android.bbsettings.BootReceiver". A local attacker can call the receiver to overwrite file containing ".json" keyword with default barcode config file. It is possible to overwrite file in any location due to lack of protection against path traversal in name of the file. This issue affects all versions before 1.3.3.
CVSS Information
N/A
Vulnerability Type
CWE-926
Vulnerability Title
Bluebird 安全漏洞
Vulnerability Description
Bluebird是韩国蓝鸟(Bluebird)公司的一款用于将设备锁定为专用模式,限制用户只能访问指定功能或应用的应用程序。 Bluebird 1.3.3之前版本存在安全漏洞,该漏洞源于条码扫描器应用暴露不安全广播接收器,可能导致任意位置文件覆盖。
CVSS Information
N/A
Vulnerability Type
N/A