CVEDB API

Vulnerabilities

By Date
Known Exploited
Advanced Search

Vulnerable Software

Vendors
Products

Vulnerability Details CVE-2023-27105

A vulnerability in the Wi-Fi file transfer module of Shanling M5S Portable Music Player with Shanling MTouch OS v4.3 and Shanling M2X Portable Music Player with Shanling MTouch OS v3.3 allows attackers to arbitrarily read, delete, or modify any critical system files via directory traversal.

Exploit prediction scoring system (EPSS) score

EPSS Score 0.004

EPSS Ranking 59.9%

CVSS Severity

CVSS v3 Score 9.8

References

https://en.shanling.com/
https://hexavector.github.io/4bf46f12/
https://en.shanling.com/
https://hexavector.github.io/4bf46f12/

Products affected by CVE-2023-27105

Shanling » Eddict Player » Version: 2.1.3

cpe:2.3:a:shanling:eddict_player:2.1.3
Shanling » M2x » Version: N/A

cpe:2.3:h:shanling:m2x:-
Shanling » Mtouch Os » Version: 3.3

cpe:2.3:o:shanling:mtouch_os:3.3

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2023-27105

Products

Pricing

Contact Us