Arbitrary File Write Vulnerability in Mobotap Dolphin Browser for Android 12.0.2

Arbitrary File Write Vulnerability in Mobotap Dolphin Browser for Android 12.0.2

CVE-2017-17551 · MEDIUM Severity

AV:N/AC:M/AU:N/C:P/I:P/A:P

The Backup and Restore feature in Mobotap Dolphin Browser for Android 12.0.2 suffers from an arbitrary file write vulnerability when attempting to restore browser settings from a malicious Dolphin Browser backup file. This arbitrary file write vulnerability allows an attacker to overwrite a specific executable in the Dolphin Browser's data directory with a crafted malicious executable. Every time the Dolphin Browser is launched, it will attempt to run the malicious executable from disk, thus executing the attacker's code.

Learn more about our Cis Benchmark Audit For Google Android.