cvedb.io
CVE-2017-17551
HIGH · CVSS 8.8
EPSS exploitation probability: 0%
Published 2017-12-11T18:29:00.187 · Last modified 2026-06-17T01:11:14.740

Summary

The Backup and Restore feature in Mobotap Dolphin Browser for Android 12.0.2 suffers from an arbitrary file write vulnerability when attempting to restore browser settings from a malicious Dolphin Browser backup file. This arbitrary file write vulnerability allows an attacker to overwrite a specific executable in the Dolphin Browser's data directory with a crafted malicious executable. Every time the Dolphin Browser is launched, it will attempt to run the malicious executable from disk, thus executing the attacker's code.

Affected products

changyou — dolphin

Does this affect you?

Add your gear to cvedb and we'll alert you only when changyou ships something exploited.

Check my exposure →

References

This product uses data from the NVD API but is not endorsed or certified by the NVD. Informational only; not professional security advice.