64 matches found
The vulnerability of the Device Admin App operating system ctrlX OS allows a hacker to recover passwords of other users.
The vulnerability of the Device Admin App on the ctrlX OS operating system is related to insufficient calculation of the password hash. Exploiting this vulnerability allows a malicious actor to retrieve passwords of other users by sending specially crafted HTTP requests...
The vulnerability of the Device Admin App on the ctrlX OS operating system allows a perpetrator to compromise the integrity of the vulnerable application’s configuration.
The vulnerability of the Device Admin App on the ctrlX OS lies in the improper validation of the data entered by the user against a list of allowed values. Exploiting this vulnerability allows an attacker to compromise the integrity of the vulnerable application by sending a specially crafted HTT...
The vulnerability of the Device Admin App operating system ctrlX OS allows a perpetrator to gain unauthorized access to protected information.
The vulnerability of the Device Admin App on the ctrlX OS platform is related to insufficient validation of input data. Exploiting this vulnerability can allow an attacker, operating remotely, to gain unauthorized access to protected information by sending specially crafted HTTP requests...
The vulnerability of the Device Admin App operating system ctrlX OS allows a perpetrator to select user account names.
The vulnerability of the Device Admin App on the ctrlX OS involves unlimited distribution of resources. Exploiting this vulnerability allows a malicious actor to select user account names by sending specially crafted HTTP requests remotely...
The vulnerability of the Device Admin App operating system ctrlX OS allows attackers to carry out “man-in-the-middle” type attacks.
The vulnerability of the Device Admin App on the ctrlX OS platform is related to deficiencies in HTTP request processing. Exploiting this vulnerability allows a remote attacker to carry out “man-in-the-middle” attacks by sending specially crafted HTTP requests...
The vulnerability of the Device Admin App operating system ctrlX OS allows a perpetrator to gain unauthorized access to protected information.
The vulnerability of the Device Admin App on the ctrlX OS platform is related to insufficient validation of input data. Exploiting this vulnerability can allow an attacker, operating remotely, to gain unauthorized access to protected information by sending specially crafted HTTP requests...
The vulnerability of the Device Admin App operating system ctrlX OS allows a perpetrator to gain unauthorized access to protected information.
The vulnerability of the Device Admin App on the ctrlX OS platform is related to insufficient validation of input data. Exploiting this vulnerability can allow an attacker, operating remotely, to gain unauthorized access to protected information by sending specially crafted HTTP requests...
The vulnerability of the Device Admin App operating system ctrlX OS allows a perpetrator to trigger a service failure.
The vulnerability of the Device Admin App on the ctrlX OS operating system relates to the unlimited distribution of resources. Exploiting this vulnerability allows a malicious actor to cause service interruptions by sending specially crafted HTTP requests remotely...
CVE-2023-35677
In onCreate of DeviceAdminAdd.java, there is a possible way to forcibly add a device admin due to a missing permission check. This could lead to local denial of service factory reset or continuous locking with no additional execution privileges needed. User interaction is not needed for...
CVE-2021-25356
An improper caller check vulnerability in Managed Provisioning prior to SMR APR-2021 Release 1 allows unprivileged application to install arbitrary application, grant device admin permission and then delete several installed application...
The vulnerability of the Certificates and Keys module of the Device Admin App for the ctrlX OS operating system allows a perpetrator to write arbitrary files.
The vulnerability of the Certificates and Keys module in the Device Admin app of the ctrlX OS operating system is related to an incorrect limitation on the path name to the directory. Exploiting this vulnerability allows a malicious actor to write arbitrary files by sending specially crafted HTTP...
The vulnerability of the Device Admin App operating system ctrlX OS allows a perpetrator to gain unauthorized access to protected information.
The vulnerability of the Device Admin App on the ctrlX OS platform is related to insufficient validation of input data. Exploiting this vulnerability can allow an attacker, operating remotely, to gain unauthorized access to protected information by sending specially crafted HTTP requests...
The vulnerability of the Backup & Restore module of the Device Admin app for the ctrlX OS operating system allows a perpetrator to gain unauthorized access to protected information.
The vulnerability of the Backup & Restore module of the Device Admin app for the ctrlX OS operating system is related to insufficient protection of sensitive data. Exploiting this vulnerability could allow an attacker, operating remotely, to gain unauthorized access to protected information by...
CVE-2025-24494
CVE-2025-24494 affects the Keysight Ixia Vision Product Family. A path traversal vulnerability combined with the Upload functionality could lead to remote code execution under a privileged device admin account, potentially enabling execution of arbitrary scripts or uploaded binaries. The issue is...
PT-2025-9700 · Softwarex · Softwarex
Name of the Vulnerable Software and Affected Versions: SoftwareX versions prior to 6.7.0 Description: The issue allows for path traversal, which may enable remote code execution using a privileged account, requiring a device admin account. This cannot be performed by a regular user. In combinatio...
CVE-2024-43769
In isPackageDeviceAdmin of PackageManagerService.java, there is a possible edge case which could prevent the uninstallation of CloudDpc due to a logic error in the code. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed...
Android Pixel Privilege Escalation Vulnerability
Android Pixel contains a privilege escalation vulnerability that allows an attacker to interrupt a factory reset triggered by a device admin app...
PT-2024-2944 · Google · Android Pixel
Name of the Vulnerable Software and Affected Versions: Android Pixel affected versions not specified Description: The issue is caused by a logic error in the code, allowing for a possible bypass. This could lead to local escalation of privilege with no additional execution privileges needed. User...
CVE-2023-35677
In onCreate of DeviceAdminAdd.java, there is a possible way to forcibly add a device admin due to a missing permission check. This could lead to local denial of service factory reset or continuous locking with no additional execution privileges needed. User interaction is not needed for...
CVE-2023-35677
In onCreate of DeviceAdminAdd.java, there is a possible way to forcibly add a device admin due to a missing permission check. This could lead to local denial of service factory reset or continuous locking with no additional execution privileges needed. User interaction is not needed for...