CVE-2023-43481 PoC — TCL BrowseHere 安全漏洞

Source

https://github.com/actuator/com.tcl.browser

Associated Vulnerability

Title:TCL BrowseHere 安全漏洞 (CVE-2023-43481)
Description:Tcl Communication TCL BrowseHere是中国TCL通讯科技（Tcl Communication）公司的界面精致的视频播放浏览器。 TCL BrowseHere 6.65.022_dab24cc6_231221_gp版本存在安全漏洞，该漏洞源于允许远程攻击者通过com.tcl.browser.portal.browse.activity.BrowsePageActivity组件执行任意JavaScript代码。

Description

CVE-2023-43481

File Snapshot


 [4.0K]  /data/pocs/925180870f0873c9e0f831cc3ba8e9c5d913108c
├── [722K]  cookie.gif
├── [4.3K]  CWE-94.md
├── [1.8M]  Facebook.gif
├── [2.6M]  Gmail.gif
├── [5.0M]  poc.apk
├── [793K]  poc.gif
└── [428K]  TCL.png

0 directories, 7 files

Shenlong Bot has cached this for you

Remarks

1. It is advised to access via the original source first.

2. If the original source is unavailable, please email f.jinxu#gmail.com for a local snapshot (replace # with @).

3. Shenlong has snapshotted the POC code for you. To support long-term maintenance, please consider donating. Thank you for your support.

Goal Reached Thanks to every supporter — we hit 100%!