Vulnerabilities > Oppo > High

DATE CVE VULNERABILITY TITLE RISK
2022-04-01 CVE-2021-23247 Command Injection vulnerability in Oppo Quick APP 4.5.0
A command injection vulerability found in quick game engine allows arbitrary remote code in quick app.
network
low complexity
oppo CWE-77
7.5
2020-11-19 CVE-2020-11829 Improper Privilege Management vulnerability in Oppo Coloros 2.0.05493E40200722
Dynamic loading of services in the backup and restore SDK leads to elevated privileges, affected product is com.coloros.codebook V2.0.0_5493e40_200722.
network
low complexity
oppo CWE-269
7.5
2019-04-25 CVE-2018-14996 Unspecified vulnerability in Oppo F5 Firmware
The Oppo F5 Android device with a build fingerprint of OPPO/CPH1723/CPH1723:7.1.1/N6F26Q/1513597833:user/release-keys contains a pre-installed platform app with a package name of com.dropboxchmod (versionCode=1, versionName=1.0) that contains an exported service named com.dropboxchmod.DropboxChmodService that allows any app co-located on the device to supply arbitrary commands to be executed as the system user.
local
low complexity
oppo
7.2