Huuge Box App com.huuge.game.zjbox AndroidManifest.xml improper export of android application...

4.8 / 10

MEDIUM

CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N/E:P

Description

A vulnerability was found in Huuge Box App 1.0.3 on Android. It has been classified as problematic. This affects an unknown part of the file AndroidManifest.xml of the component com.huuge.game.zjbox. The manipulation leads to improper export of android application components. Local access is required to approach this attack. The exploit has been disclosed to the public and may be used.

Basic Information

ID CVE-2025-8707

Source VulDB

Published Aug 8, 2025 at 02:02

Affected Product

Vendor Huuge

Product Box App

Version 1.0.3

Affected Versions Huuge Box App 1.0.3

CWE Classification

CWE-926

References

{
    "lastseen": "",
    "description": "A vulnerability was found in Huuge Box App 1.0.3 on Android. It has been classified as problematic. This affects an unknown part of the file AndroidManifest.xml of the component com.huuge.game.zjbox. The manipulation leads to improper export of android application components. Local access is required to approach this attack. The exploit has been disclosed to the public and may be used.",
    "published": "2025-08-08T02:02:06.472Z",
    "modified": "2025-08-08T02:02:06.472Z",
    "type": "cve",
    "title": "Huuge Box App com.huuge.game.zjbox AndroidManifest.xml improper export of android application components",
    "source": "VulDB",
    "references": "https://vuldb.com/?id.319137\nhttps://vuldb.com/?ctiid.319137\nhttps://vuldb.com/?submit.619858\nhttps://github.com/KMov-g/androidapps/blob/main/com.huuge.game.zjbox.md\nhttps://github.com/KMov-g/androidapps/blob/main/com.huuge.game.zjbox.md#steps-to-reproduce",
    "id": "CVE-2025-8707",
    "bulletinFamily": "",
    "cwe": [
        "CWE-926"
    ],
    "cvelist": null,
    "sourceData": "Huuge Box App 1.0.3",
    "sourceHref": "",
    "cvss": {
        "score": 4.8,
        "severity": "MEDIUM",
        "vector": "CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N/E:P",
        "version": "4.0"
    },
    "cvss2": [],
    "cvss3": {
        "version": "",
        "vectorString": "",
        "baseScore": 0,
        "baseSeverity": "",
        "attackVector": "",
        "attackComplexity": "",
        "privilegesRequired": "",
        "userInteraction": "",
        "scope": "",
        "confidentialityImpact": "",
        "integrityImpact": "",
        "availabilityImpact": "",
        "cvssV3": {
            "version": "",
            "vectorString": "",
            "baseScore": 0,
            "baseSeverity": "",
            "attackVector": "",
            "attackComplexity": "",
            "privilegesRequired": "",
            "userInteraction": "",
            "scope": "",
            "confidentialityImpact": "",
            "integrityImpact": "",
            "availabilityImpact": ""
        }
    },
    "href": "",
    "category_name": "CVE",
    "post_link": "",
    "product": "Box App",
    "version": "1.0.3",
    "vendor": "Huuge",
    "ai_description": "",
    "ai_severity": "",
    "ai_vendor": "",
    "ai_product": "",
    "ai_version": "",
    "ai_score": 0
}

Huuge Box App com.huuge.game.zjbox AndroidManifest.xml improper export of android application components_CVE-2025-8707