CVE-2018-9468

CVSS 3.1 Score 7.7 of 10 (high)

Details

Published Nov 20, 2024
Updated: Nov 21, 2024

Summary

CVE-2018-9468 is a vulnerability affecting the DownloadManager.java component. The issue permits an attacker to read and write arbitrary files without requiring additional execution privileges. This vulnerability arises due to a permissions bypass in the query function. Local information disclosure and file rewriting are potential consequences, with user interaction being unnecessary for exploitation.

Ligh bulbPrevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.

Share