Security Advisory

CVE-2018-10988

CVE vulnerability detail — eXtreme Datacenter Security Operations

Published 2018-07-05 20:00:00

Last updated 2024-08-05 07:54:36

Assigner mitre

State PUBLISHED

Description

An issue was discovered on Diqee Diqee360 devices. A firmware update process, integrated into the firmware, starts at boot and tries to find the update folder on the microSD card. It executes code, without a digital signature, as root from the /mnt/sdcard/$PRO_NAME/upgrade.sh or /sdcard/upgrage_360/upgrade.sh pathname.

← Browse all CVEs View on cve.org ↗