[CVE-2017-17551] Dolphin Browser for Android Backup & Restore Arbitrary File Write Vulnerability

CVSS Score




Dolphin Browser for Android < 12.0.2

Vulnerability Details

The Backup and Restore feature in Mobotap's Dolphin Browser for Android 12.0.2, suffers from an arbitrary file write vulnerability when attempting to restore browser settings from a malicious Dolphin Browser backup file. This arbitrary file write vulnerability, allows an attacker to overwrite a specific executable in the Dolphin Browser's data directory with a crafted malicious executable. Every time the Dolphin Browser is launched, it will attempt to run the malicious executable from disk, thus executing the attacker's code.