top of page
perceptive_background_267k.jpg

An arbitrary file overwrite vulnerability in Ora Tools PDF Reader ' Reader & Editor APPv4.3.5 allows attackers to overwrite critical internal files via the file…

Published:

31 maart 2026 om 22:00:00

Alert date:

1 april 2026 om 21:03:40

Source:

nvd.nist.gov

Click to open the original link from this advisory

Mobile & IoT

CVE-2026-30291 is an arbitrary file overwrite vulnerability affecting Ora Tools PDF Reader & Editor APP version 4.3.5. The vulnerability allows attackers to overwrite critical internal files through the file import process, which can lead to arbitrary code execution or information exposure. This represents a high-severity security flaw in a widely-used PDF reader application available on Android platforms.

Technical details

Mitigation steps:

Affected products:

Ora Tools PDF Reader & Editor APP

Related links:

https://nvd.nist.gov/vuln/detail/CVE-2026-30291
https://github.com/Secsys-FDU/AF_CVEs/issues/18
https://oratools.github.io/
https://play.google.com/store/apps/details?id=pdf.reader.editor.office.ora
https://secsys.fudan.edu.cn/

Related CVE's:

Related threat actors:

IOC's:

This article was created with the assistance of AI technology by Perceptive.

About us

© 2025 by Perceptive Security. All rights reserved.

email: info@perceptivesecurity.com

Deze website toont informatie afkomstig van externe bronnen; Perceptive aanvaardt geen verantwoordelijkheid voor de juistheid, volledigheid of actualiteit van deze informatie.

bottom of page