← volver
CVE-2025-9674

Transbyte Scooper News App com.hatsune.eagleee AndroidManifest.xml improper export of android application components

CVSS 4.8 MEDIUMEPSS 0.3%CWE-926
A flaw has been found in Transbyte Scooper News App up to 1.2 on Android. Affected by this issue is some unknown functionality of the file AndroidManifest.xml of the component com.hatsune.eagleee. This manipulation causes improper export of android application components. The attack requires local access. The exploit has been published and may be used. The vendor was contacted early about this disclosure but did not respond in any way.
CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N/E:P
Productos afectados
Transbyte · Scooper News App

¿Quieres saber si tu infraestructura está expuesta a esto?

Hablar con TrueHacking →
Referencias
https://github.com/KMov-g/androidapps/blob/main/com.hatsune.eagleee.mdhttps://github.com/KMov-g/androidapps/blob/main/com.hatsune.eagleee.md#steps-to-reproducehttps://vuldb.com/?ctiid.321884https://vuldb.com/?id.321884https://vuldb.com/?submit.638068