2 matches found
CVE-2018-10988
An issue was discovered on Diqee Diqee360 devices. A firmware update process, integrated into the firmware, starts at boot and tries to find the update folder on the microSD card. It executes code, without a digital signature, as root from the /mnt/sdcard/$PRONAME/upgrade.sh or...
CVE-2018-10988
CVE-2018-10988 affects Diqee Diqee360 devices. The firmware update process at boot reads an unsigned script from the microSD (upgrade.sh) and executes it as root, in /mnt/sdcard/$PRO_NAME/upgrade.sh or /sdcard/upgrage_360/upgrade.sh, without signature verification. This local vulnerability requir...