Vulnerabilities > Doogee

DATE CVE VULNERABILITY TITLE RISK
2019-11-14 CVE-2019-15424 Externally Controlled Reference to a Resource in Another Sphere vulnerability in Doogee Bl5000 Firmware
The Doogee BL5000 Android device with a build fingerprint of DOOGEE/BL5000/BL5000:7.0/NRD90M/1497072355:user/release-keys contains a pre-installed app with a package name of com.mediatek.factorymode app (versionCode=1, versionName=1) that allows unauthorized wireless settings modification via a confused deputy attack.
local
low complexity
doogee CWE-610
2.1
2019-11-14 CVE-2019-15422 Externally Controlled Reference to a Resource in Another Sphere vulnerability in Doogee MIX Firmware
The Doogee Mix Android device with a build fingerprint of DOOGEE/MIX/MIX:7.0/NRD90M/1495809471:user/release-keys contains a pre-installed app with a package name of com.mediatek.factorymode app (versionCode=1, versionName=1) that allows unauthorized wireless settings modification via a confused deputy attack.
local
low complexity
doogee CWE-610
2.1
2018-07-13 CVE-2016-6564 Permissions, Privileges, and Access Controls vulnerability in multiple products
Android devices with code from Ragentek contain a privileged binary that performs over-the-air (OTA) update checks.
9.3