| tiêu đề | Freedom Factory dGEN1 phone 1 Broken Authorization |
|---|
| Mô tả | A broken authorization vulnerability exists in the Android launcher application org.ethosmobile.ethoslauncher on the Freedom Factory dGEN1 phone. An exported BroadcastReceiver relies on a caller-supplied intent value to identify trusted callers, allowing any local application to spoof authorization and modify launcher entries.
As a result, unauthorized applications can add, remove, or replace launcher “FakeApp” entries, potentially enabling phishing and user deception. |
|---|
| Nguồn | ⚠️ https://gist.github.com/Lytes/1078d9e16897ed95ad24143952adfba6 |
|---|
| Người dùng | Anonymous User |
|---|
| Đệ trình | 21/02/2026 05:58 (cách đây 2 các tháng) |
|---|
| Kiểm duyệt | 06/03/2026 22:15 (14 days later) |
|---|
| Trạng thái | được chấp nhận |
|---|
| Mục VulDB | 349571 [Freedom Factory dGEN1 đến 20260221 org.ethosmobile.ethoslauncher FakeAppReceiver nâng cao đặc quyền] |
|---|
| điểm | 20 |
|---|