{"resultsPerPage":1,"startIndex":0,"totalResults":1,"format":"NVD_CVE","version":"2.0","timestamp":"2026-06-24T22:01:17.727","vulnerabilities":[{"cve":{"id":"CVE-2016-6564","sourceIdentifier":"cret@cert.org","published":"2018-07-13T20:29:01.050","lastModified":"2026-06-17T00:51:23.557","vulnStatus":"Modified","cveTags":[],"descriptions":[{"lang":"en","value":"Android devices with code from Ragentek contain a privileged binary that performs over-the-air (OTA) update checks. Additionally, there are multiple techniques used to hide the execution of this binary. This behavior could be described as a rootkit. This binary, which resides as /system/bin/debugs, runs with root privileges and does not communicate over an encrypted channel. The binary has been shown to communicate with three hosts via HTTP: oyag[.]lhzbdvm[.]com oyag[.]prugskh[.]net oyag[.]prugskh[.]com Server responses to requests sent by the debugs binary include functionalities to execute arbitrary commands as root, install applications, or update configurations. Examples of a request sent by the client binary: POST /pagt/agent?data={\"name\":\"c_regist\",\"details\":{...}} HTTP/1. 1 Host: 114.80.68.223 Connection: Close An example response from the server could be: HTTP/1.1 200 OK {\"code\": \"01\", \"name\": \"push_commands\", \"details\": {\"server_id\": \"1\" , \"title\": \"Test Command\", \"comments\": \"Test\", \"commands\": \"touch /tmp/test\"}} This binary is reported to be present in the following devices: BLU Studio G BLU Studio G Plus BLU Studio 6.0 HD BLU Studio X BLU Studio X Plus BLU Studio C HD Infinix Hot X507 Infinix Hot 2 X510 Infinix Zero X506 Infinix Zero 2 X509 DOOGEE Voyager 2 DG310 LEAGOO Lead 5 LEAGOO Lead 6 LEAGOO Lead 3i LEAGOO Lead 2S LEAGOO Alfa 6 IKU Colorful K45i Beeline Pro 2 XOLO Cube 5.0"},{"lang":"es","value":"Los dispositivos Android con código de Ragentek contienen un binario privilegiado que realiza comprobaciones de actualizaciones OTA (over-the-air). Además, hay múltiples técnicas en uso para ocultar la ejecución de este binario. El comportamiento podría describirse como rootkit. Este binario, que reside como /system/bin/debugs, se ejecuta con privilegios root y no se comunica mediante un canal cifrado. Se ha mostrado que el binario se comunica con tres hosts mediante HTTP: oyag[.]lhzbdvm[.]com, oyag[.]prugskh[.]net y oyag[.]prugskh[.]com. Las respuestas del servidor a las peticiones enviadas por el binario debugs incluyen funcionalidades para ejecutar comandos arbitrarios como root, instalar aplicaciones o actualizar configuraciones. Ejemplos de una petición enviada por el binario del cliente: POST /pagt/agent?data={\"name\":\"c_regist\",\"details\":{...}} HTTP/1. 1 Host: 114.80.68.223 Connection: Close Un ejemplo de respuesta del servidor podría ser: HTTP/1.1 200 OK {\"code\": \"01\", \"name\": \"push_commands\", \"details\": {\"server_id\": \"1\" , \"title\": \"Test Command\", \"comments\": \"Test\", \"commands\": \"touch /tmp/test\"}} Se ha informado que este binario está presente en los siguientes dispositivos: BLU Studio G, BLU Studio G Plus, BLU Studio 6.0 HD, BLU Studio X, BLU Studio X Plus, BLU Studio C HD, Infinix Hot X507, Infinix Hot 2 X510, Infinix Zero X506, Infinix Zero 2 X509, DOOGEE Voyager 2 DG310, LEAGOO Lead 5, LEAGOO Lead 6, LEAGOO Lead 3i, LEAGOO Lead 2S, LEAGOO Alfa 6, IKU Colorful K45i, Beeline Pro 2 y XOLO Cube 5.0."}],"affected":[{"source":"cret@cert.org","affectedData":[{"vendor":"Ragentek","product":"Android software","versions":[{"version":"N/A","status":"unknown"}]}]}],"metrics":{"cvssMetricV30":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"3.0","vectorString":"CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H","baseScore":8.1,"baseSeverity":"HIGH","attackVector":"NETWORK","attackComplexity":"HIGH","privilegesRequired":"NONE","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"HIGH"},"exploitabilityScore":2.2,"impactScore":5.9}],"cvssMetricV2":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"2.0","vectorString":"AV:N/AC:M/Au:N/C:C/I:C/A:C","baseScore":9.3,"accessVector":"NETWORK","accessComplexity":"MEDIUM","authentication":"NONE","confidentialityImpact":"COMPLETE","integrityImpact":"COMPLETE","availabilityImpact":"COMPLETE"},"baseSeverity":"HIGH","exploitabilityScore":8.6,"impactScore":10.0,"acInsufInfo":false,"obtainAllPrivilege":false,"obtainUserPrivilege":false,"obtainOtherPrivilege":false,"userInteractionRequired":false}]},"weaknesses":[{"source":"cret@cert.org","type":"Secondary","description":[{"lang":"en","value":"CWE-494"}]},{"source":"nvd@nist.gov","type":"Primary","description":[{"lang":"en","value":"CWE-264"}]}],"configurations":[{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:infinixauthority:hot_x507_firmware:-:*:*:*:*:*:*:*","matchCriteriaId":"2E1F7E6D-36C1-43C1-A082-012A2B076083"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:infinixauthority:hot_x507:-:*:*:*:*:*:*:*","matchCriteriaId":"DF0E9213-E92E-437F-B818-CAC49714359B"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:infinixauthority:hot_2_x510_firmware:-:*:*:*:*:*:*:*","matchCriteriaId":"16C972BB-1621-484F-B760-66F14606F22D"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:infinixauthority:hot_2_x510:-:*:*:*:*:*:*:*","matchCriteriaId":"8848D000-4085-431F-B459-846B61F1F519"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:infinixauthority:zero_x506_firmware:-:*:*:*:*:*:*:*","matchCriteriaId":"CCAEC49E-64D7-48E2-A20E-843A152C3342"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:infinixauthority:zero_x506:-:*:*:*:*:*:*:*","matchCriteriaId":"21EB5937-CD55-4E7D-9DCC-B5A9DC35C092"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:infinixauthority:zero_2_x509_firmware:-:*:*:*:*:*:*:*","matchCriteriaId":"D72E356A-3776-437F-A01B-782686978296"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:infinixauthority:zero_2_x509:-:*:*:*:*:*:*:*","matchCriteriaId":"838DC11A-5928-4CE1-8C47-6DB304CB774F"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:bluproducts:studio_g_firmware:-:*:*:*:*:*:*:*","matchCriteriaId":"250622C8-483C-4E50-B299-14E0B4AF9596"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:bluproducts:studio_g:-:*:*:*:*:*:*:*","matchCriteriaId":"1405ED4B-8F63-4C11-A4D8-BE65DE153D0F"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:bluproducts:studio_g_plus_firmware:-:*:*:*:*:*:*:*","matchCriteriaId":"75A2B779-523A-4541-A2F5-D6084F18A82A"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:bluproducts:studio_g_plus:-:*:*:*:*:*:*:*","matchCriteriaId":"872770AE-33BB-45A0-8FF4-48B981FC3F1E"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:bluproducts:studio_6.0_hd_firmware:-:*:*:*:*:*:*:*","matchCriteriaId":"586F417B-2560-4E1E-8D42-8A04E9293BAD"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:bluproducts:studio_6.0_hd:-:*:*:*:*:*:*:*","matchCriteriaId":"04767248-D023-4BE8-8243-51F94864D1D1"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:bluproducts:studio_x_firmware:-:*:*:*:*:*:*:*","matchCriteriaId":"8D958325-08EF-49EC-913F-CC35DF9FA1A2"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:bluproducts:studio_x:-:*:*:*:*:*:*:*","matchCriteriaId":"019D185F-6C7D-4D81-997B-59C6659CA5AF"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:bluproducts:studio_x_plus_firmware:-:*:*:*:*:*:*:*","matchCriteriaId":"966C5CA1-AE21-4AFC-8ACF-890C216290A0"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:bluproducts:studio_x_plus:-:*:*:*:*:*:*:*","matchCriteriaId":"743EB295-520E-4F12-B395-52BC7BA8E4D5"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:bluproducts:studio_c_hd_firmware:-:*:*:*:*:*:*:*","matchCriteriaId":"9DB6E094-0FFF-4992-997F-C2221F65E922"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:bluproducts:studio_c_hd:-:*:*:*:*:*:*:*","matchCriteriaId":"4F09A667-7100-40F7-B03F-3D1F9E0728C8"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:xolo:cube_5.0_firmware:-:*:*:*:*:*:*:*","matchCriteriaId":"5F23993D-E0F9-4CE9-8EF8-5AF8C3F9DD11"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:xolo:cube_5.0:-:*:*:*:*:*:*:*","matchCriteriaId":"A20F8D62-AADC-4FE8-B586-F2135102E87A"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:beeline:pro_2_firmware:-:*:*:*:*:*:*:*","matchCriteriaId":"F1229649-DC71-47A0-BD74-A78E294DFDFB"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:beeline:pro_2:-:*:*:*:*:*:*:*","matchCriteriaId":"A9A04BB6-DC55-4693-A451-D62E0022F34E"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:iku-mobile:colorful_k45i_firmware:-:*:*:*:*:*:*:*","matchCriteriaId":"173B7772-7FF4-434D-BB2C-6E80127554DB"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:iku-mobile:colorful_k45i:-:*:*:*:*:*:*:*","matchCriteriaId":"1BBC0D73-2936-43C6-9541-29191208B86D"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:leagoo:lead_5_firmware:-:*:*:*:*:*:*:*","matchCriteriaId":"D53592AF-6A78-4294-B792-A49C391DC341"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:leagoo:lead_5:-:*:*:*:*:*:*:*","matchCriteriaId":"BC2DE373-9BD3-4BBF-837F-73ECE7700448"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:leagoo:lead_6_firmware:-:*:*:*:*:*:*:*","matchCriteriaId":"6144A49D-7D85-419B-B3F1-18A943245738"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:leagoo:lead_6:-:*:*:*:*:*:*:*","matchCriteriaId":"F5A0FDDC-DC1F-4D83-9273-2872769EB9F5"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:leagoo:lead_3i_firmware:-:*:*:*:*:*:*:*","matchCriteriaId":"BDF0B78D-43F2-4FF2-8430-04838F943196"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:leagoo:lead_3i:-:*:*:*:*:*:*:*","matchCriteriaId":"0A2B0180-99DD-4E49-89A8-7037C80C6F0D"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:leagoo:lead_2s_firmware:-:*:*:*:*:*:*:*","matchCriteriaId":"6B12B475-7A3A-436C-BCFA-7DF212276B5C"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:leagoo:lead_2s:-:*:*:*:*:*:*:*","matchCriteriaId":"3AF3DE21-DD1C-4897-9B91-7261601C8A38"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:leagoo:alfa_6_firmware:-:*:*:*:*:*:*:*","matchCriteriaId":"CF32D104-7EF5-47A0-B500-EF01913C35AC"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:leagoo:alfa_6:-:*:*:*:*:*:*:*","matchCriteriaId":"FB27875D-2936-4540-812B-F958D19E5DEE"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:doogee:voyager_2_dg310i_firmware:-:*:*:*:*:*:*:*","matchCriteriaId":"837AA3EA-0EB5-4D77-A6CB-B981B2BAEE93"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:doogee:voyager_2_dg310i:-:*:*:*:*:*:*:*","matchCriteriaId":"75EC02F5-835F-4752-87FE-009DEB2153F6"}]}]}],"references":[{"url":"https://www.bitsighttech.com/blog/ragentek-android-ota-update-mechanism-vulnerable-to-mitm-attack","source":"cret@cert.org","tags":["Exploit","Third Party Advisory"]},{"url":"https://www.kb.cert.org/vuls/id/624539","source":"cret@cert.org","tags":["Third Party Advisory","US Government Resource"]},{"url":"https://www.securityfocus.com/bid/94393/","source":"cret@cert.org","tags":["Third Party Advisory","VDB Entry"]},{"url":"https://www.bitsighttech.com/blog/ragentek-android-ota-update-mechanism-vulnerable-to-mitm-attack","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Exploit","Third Party Advisory"]},{"url":"https://www.kb.cert.org/vuls/id/624539","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Third Party Advisory","US Government Resource"]},{"url":"https://www.securityfocus.com/bid/94393/","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Third Party Advisory","VDB Entry"]}]}}]}