Vulnerability Description
The default TCL Camera application exposes a provider vulnerable to path traversal vulnerability. Malicious application can supply malicious URI path and delete arbitrary files from user’s external storage.
Related Weaknesses (CWE)
References
- https://blog.oversecured.com/Content-Providers-and-the-potential-weak-spots-they
- https://cert.pl/en/posts/2024/11/CVE-2024-11136/
- https://cert.pl/posts/2024/11/CVE-2024-11136/
FAQ
What is CVE-2024-11136?
CVE-2024-11136 is a documented vulnerability. The default TCL Camera application exposes a provider vulnerable to path traversal vulnerability. Malicious application can supply malicious URI path and delete arbitrary files from user’s external st...
How severe is CVE-2024-11136?
CVSS scoring is not yet available for CVE-2024-11136. Check NVD for updates.
Is there a patch for CVE-2024-11136?
Check the references section above for vendor advisories and patch information. Review vendor security bulletins for remediation guidance.