Command Injection Vulnerability in Lenovo Service Framework Android Application
CVE-2017-3761
9.8CRITICAL
What is CVE-2017-3761?
The Lenovo Service Framework Android application is susceptible to a command injection vulnerability due to insufficient sanitization of user input when executing system commands. This flaw may allow an attacker to exploit the application, leading to unauthorized execution of arbitrary commands. If successfully exploited, it could result in remote code execution, posing significant risks to the integrity and security of affected devices.
Affected Version(s)
Service Framework application various versions