CVE-2024-12993 – Infinix Mobile Location Disclosure Information Exposure

12月 30, 2024
12:16 pm

CVE ID : CVE-2024-12993

Published : Dec. 30, 2024, 11:15 a.m. | 1 hour, 1 minute ago

Description : Infinix devices contain a pre-loaded “com.rlk.weathers” application, that exposes an unsecured content provider. An attacker can communicate with the provider and reveal the user’s location without any privileges.
After multiple attempts to contact the vendor we did not receive any answer. We suppose this issue affects all Infinix Mobile devices.

Severity: 0.0 | NA

Visit the link for more details, such as CVSS details, affected products, timeline, and more…

CVE-2024-12993 – Infinix Mobile Location Disclosure Information Exposure

Elvescore.io

Recent Posts

CVE-2024-11184 – WordPress wp-enable-svg SVG Injection Vulnerability

CVE-2024-11357 – Goodlayers Core WordPress Stored Cross-Site Scripting Vulnerability

CVE-2024-12595 – WordPress AHAthat Plugin Reflected Cross-Site Scripting

CVE-2002-20002 – EasyTCP Weak Random Number Generation in Crypto Key Generation

CVE-2024-56830 – Apache Net::EasyTCP Weak Random Number Generating

CVE-2024-56829 – Huang Yaoshi Pharmaceutical File Upload Vulnerability (Arbitrary File Write)

CVE-2024-12993 – Infinix Mobile Location Disclosure Information Exposure

CVE-2024-12993 – Infinix Mobile Location Disclosure Information Exposure