CVE-2024-49421Path Traversal in Samsung Quick Share

CWE-22Path Traversal3 documents3 sources
Severity
4.3MEDIUMNVD
EPSS
0.3%
top 47.35%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
1
Samsung Quick Share
Timeline
PublishedDec 3

Description

Path traversal in Quick Share Agent prior to version 3.5.14.47 in Android 12, 3.5.19.41 in Android 13, and 3.5.19.42 in Android 14 allows adjacent attackers to write file in arbitrary location.

CVSS vector

CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:NExploitability: 2.8 | Impact: 1.4

Affected Packages1 packages

NVDsamsung/quick_share< 3.5.19.41+2

🔴Vulnerability Details

2
GHSA
GHSA-p9xx-363j-2j36: Path traversal in Quick Share Agent prior to version 32024-12-03
CVEList
CVE-2024-49421: Path traversal in Quick Share Agent prior to version 32024-12-03
CVE-2024-49421 — Path Traversal in Samsung Quick Share | cvebase