A critical vulnerability exists in Delight Custom Firmware (CFW) for Symbian Belle devices that allows arbitrary command execution during boot, leading to a persistent bootloop and potential silent code execution without user interaction.
The issue is triggered by the presence of a specially crafted text file (Delight.txt) placed in a specific data directory (E:\Data\). The file contents are parsed and executed during the boot process without proper validation or user consent.
This behavior strongly suggests the presence of either:
- an unintended logic flaw, or
- a deliberate backdoor-like mechanism introduced by the firmware.