Vulnerability Details CVE-2017-17763
SuperBeam through 4.1.3, when using the LAN or WiFi Direct Share feature, does not use HTTPS or any integrity-protection mechanism for file transfer, which makes it easier for remote attackers to send crafted files, as demonstrated by APK injection.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.007
EPSS Ranking 71.3%
CVSS Severity
CVSS v3 Score 7.5
CVSS v2 Score 7.6
Products affected by CVE-2017-17763
-
cpe:2.3:a:liveqos:superbeam:4.0.1
-
cpe:2.3:a:liveqos:superbeam:4.0.5
-
cpe:2.3:a:liveqos:superbeam:4.1.2
-
cpe:2.3:a:liveqos:superbeam:4.1.3