PT-2022-20003 · Unknown · Elliegrid Android Application
Published
2022-07-29
·
Updated
2022-08-10
·
CVE-2022-30083
CVSS v3.1
9.8
Critical
| Vector | AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H |
Name of the Vulnerable Software and Affected Versions
EllieGrid Android Application version 3.4.1
Description
The EllieGrid Android Application is vulnerable to Code Injection. The application evaluates user input as code, allowing for remote exploitation.
Recommendations
For EllieGrid Android Application version 3.4.1, consider restricting the evaluation of user input as code until a patch is available. As a temporary workaround, avoid using the application for remote interactions that may expose it to malicious input. At the moment, there is no information about a newer version that contains a fix for this vulnerability.
Exploit
Code Injection
Found an issue in the description? Have something to add? Feel free to write us 👾
Weakness Enumeration
Related Identifiers
Affected Products
Elliegrid Android Application