CNNVD-202509-3684 Information
CNNVD ID
CNNVD-202509-3684
Related CVE
- CNNVD Published: 2025-09-23
Description (Chinese)
OnePlus OxygenOS是中国一加(OnePlus)公司的一款智能手机操作系统。 OnePlus OxygenOS存在安全漏洞,该漏洞源于多个内容提供程序缺少写入操作权限以及这些提供程序的update方法中存在SQL注入,可能导致敏感信息泄露。
Description (English)
OnePlus OxygenOS is a smartphone operating system operated by OnePlus. OnePlus OxygenOS has a security loophole, which stems from the lack of write-in permissions for multiple content-providing procedures and the SQL injections in these supply-providing procedures, which may lead to the disclosure of sensitive information.
Hazard Level
Medium
Vulnerability Type
其他
Affected Vendor
ONNX
Published
2025-09-23
Last Modified
2026-02-24
References
https://assets.contentstack.io/v3/assets/blte4f029e766e6b253/bltd4b7439a28b6c866/68d168a6930d015d43a6b588/CVE-2025-10184_PoC.zip https://www.rapid7.com/blog/post/cve-2025-10184-oneplus-oxygenos-telephony-provider-permission-bypass-not-fixed/
Patch
https://www.oneplus.com/us/oxygenos15
Share on: