MidnightBSD

Advisories for shanling

CVE-2023-27105

A vulnerability in the Wi-Fi file transfer module of Shanling M5S Portable Music Player with Shanling MTouch OS v4.3 and Shanling M2X Portable Music Player with Shanling MTouch OS v3.3 allows attackers to arbitrarily read, delete, or modify any critical system files via directory traversal.

Products Affected

Vendor Product Version
shanling eddict_player 2.1.3
shanling mtouch_os 3.3