← back
CVE-2016-2060

CVE-2016-2060

EPSS 0.5%
server/TetherController.cpp in the tethering controller in netd, as distributed with Qualcomm Innovation Center (QuIC) Android contributions for MSM devices and other products, does not properly validate upstream interface names, which allows attackers to bypass intended access restrictions via a crafted application.
Affected products
n/a · n/a

Want to know if your infrastructure is exposed to this?

Talk to TrueHacking →
References
http://source.android.com/security/bulletin/2016-05-01.htmlhttps://www.codeaurora.org/improper-input-validation-tethering-controller-netd-cve-2016-2060-0