CVE-2023-43955 PoC — TV Bro 安全漏洞

Source

https://github.com/actuator/com.phlox.tvwebbrowser

Associated Vulnerability

Title:TV Bro 安全漏洞 (CVE-2023-43955)
Description:TV Bro是truefedex个人开发者的适用于 Android 的简单网络浏览器，经过优化可与电视遥控器配合使用。 truefedex TV Bro 2.0.0及之前版本存在安全漏洞，该漏洞源于WebView 错误处理，使攻击者能够执行任意代码、创建任意文件，并通过使用 takeBlobDownloadData 的 JavaScript 执行任意下载。

Description

CVE-2023-43955

File Snapshot


 [4.0K]  /data/pocs/bfa4a77902e20e84f85336327ce73f731b657fba
├── [993K]  box.png
├── [4.5K]  CWE-94.md
├── [5.0M]  poc.apk
├── [ 13M]  TVBro.gif
└── [2.5M]  tvwebpoc.gif

0 directories, 5 files

Shenlong Bot has cached this for you

Remarks

1. It is advised to access via the original source first.

2. If the original source is unavailable, please email f.jinxu#gmail.com for a local snapshot (replace # with @).

3. Shenlong has snapshotted the POC code for you. To support long-term maintenance, please consider donating. Thank you for your support.

Goal Reached Thanks to every supporter — we hit 100%!