Weee RICEPO App com.ricepo.app AndroidManifest.xml improper export of android application...

4.8 / 10

MEDIUM

CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N/E:P

Description

A vulnerability, which was classified as problematic, has been found in Weee RICEPO App 6.17.77 on Android. This issue affects some unknown processing of the file AndroidManifest.xml of the component com.ricepo.app. The manipulation leads to improper export of android application components. An attack has to be approached locally. The exploit has been disclosed to the public and may be used. The vendor was contacted early about this disclosure but did not respond in any way.

Basic Information

ID CVE-2025-8745

Source VulDB

Published Aug 9, 2025 at 05:02

Affected Product

Vendor Weee

Product RICEPO App

Version 6.17.77

Affected Versions Weee RICEPO App 6.17.77

CWE Classification

CWE-926

References

{
    "lastseen": "",
    "description": "A vulnerability, which was classified as problematic, has been found in Weee RICEPO App 6.17.77 on Android. This issue affects some unknown processing of the file AndroidManifest.xml of the component com.ricepo.app. The manipulation leads to improper export of android application components. An attack has to be approached locally. The exploit has been disclosed to the public and may be used. The vendor was contacted early about this disclosure but did not respond in any way.",
    "published": "2025-08-09T05:02:05.495Z",
    "modified": "2025-08-09T05:02:05.495Z",
    "type": "cve",
    "title": "Weee RICEPO App com.ricepo.app AndroidManifest.xml improper export of android application components",
    "source": "VulDB",
    "references": "https://vuldb.com/?id.319241\nhttps://vuldb.com/?ctiid.319241\nhttps://vuldb.com/?submit.623581\nhttps://github.com/KMov-g/androidapps/blob/main/com.ricepo.app.md\nhttps://github.com/KMov-g/androidapps/blob/main/com.ricepo.app.md#steps-to-reproduce",
    "id": "CVE-2025-8745",
    "bulletinFamily": "",
    "cwe": [
        "CWE-926"
    ],
    "cvelist": null,
    "sourceData": "Weee RICEPO App 6.17.77",
    "sourceHref": "",
    "cvss": {
        "score": 4.8,
        "severity": "MEDIUM",
        "vector": "CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N/E:P",
        "version": "4.0"
    },
    "cvss2": [],
    "cvss3": {
        "version": "",
        "vectorString": "",
        "baseScore": 0,
        "baseSeverity": "",
        "attackVector": "",
        "attackComplexity": "",
        "privilegesRequired": "",
        "userInteraction": "",
        "scope": "",
        "confidentialityImpact": "",
        "integrityImpact": "",
        "availabilityImpact": "",
        "cvssV3": {
            "version": "",
            "vectorString": "",
            "baseScore": 0,
            "baseSeverity": "",
            "attackVector": "",
            "attackComplexity": "",
            "privilegesRequired": "",
            "userInteraction": "",
            "scope": "",
            "confidentialityImpact": "",
            "integrityImpact": "",
            "availabilityImpact": ""
        }
    },
    "href": "",
    "category_name": "CVE",
    "post_link": "",
    "product": "RICEPO App",
    "version": "6.17.77",
    "vendor": "Weee",
    "ai_description": "",
    "ai_severity": "",
    "ai_vendor": "",
    "ai_product": "",
    "ai_version": "",
    "ai_score": 0
}

Weee RICEPO App com.ricepo.app AndroidManifest.xml improper export of android application components_CVE-2025-8745