CVE-2023-42470
Description
The Imou Life com.mm.android.smartlifeiot application through 6.8.0 for Android allows Remote Code Execution via a crafted intent to an exported component. This relates to the com.mm.android.easy4ip.MainActivity activity. JavaScript execution is enabled in the WebView, and direct web content loading occurs.
NVD
Severity: CRITICAL
CVE ID: CVE-2023-42470
CVSS Score: 9.8
CVSS Metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
Proof Of Concept
actuator
CVE-2023-42470 | CVE-2023-47353
Refrence: GitHub
Content on GitHub
actuator | watchers:4
cve
Cybersecurity Research & CVE citations.
Refrence: GitHub