CVE-2023-26310 — HIGH (7.4)

Vulnerability Description

There is a command injection problem in the old version of the mobile phone backup app.

CVSS Score

7.4

HIGH

CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:L/I:L/A:L

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

LOW

User Interaction

NONE

Scope

CHANGED

Confidentiality

LOW

Integrity

LOW

Availability

LOW

Affected Products

Vendor	Product	Versions
Oppo	Coloros	12.3
Oppo	Find X3	-

Related Weaknesses (CWE)

CWE-88 CWE-77

References

https://security.oppo.com/en/noticeDetail?notice_only_key=NOTICE-168440246472147Vendor Advisory
https://security.oppo.com/en/noticeDetail?notice_only_key=NOTICE-168440246472147Vendor Advisory

FAQ

What is CVE-2023-26310?

CVE-2023-26310 is a vulnerability with a CVSS score of 7.4 (HIGH). There is a command injection problem in the old version of the mobile phone backup app.

How severe is CVE-2023-26310?

CVE-2023-26310 has been rated HIGH with a CVSS base score of 7.4/10. Review the CVSS metrics above for detailed severity breakdown.

Is there a patch for CVE-2023-26310?

Check the references section above for vendor advisories and patch information. Affected products include: Oppo Coloros, Oppo Find X3.