The Chainfire SuperSU package prior to 1.69 for Android allows malicious users to gain privileges via the (1) backtick or (2) $() type of shell metacharacters in the -c option to /system/xbin/su.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
chainfire supersu 1.69 |