InstantBits Web Video Cast App com.instantbits.cast.webvideo AndroidManifest.xml improper export of...

4.8 / 10

MEDIUM

CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N/E:P

Description

A vulnerability was found in InstantBits Web Video Cast App up to 5.12.4 on Android. It has been rated as problematic. Affected by this issue is some unknown functionality of the file AndroidManifest.xml of the component com.instantbits.cast.webvideo. The manipulation leads to improper export of android application components. An attack has to be approached locally. The exploit has been disclosed to the public and may be used. The vendor was contacted early about this disclosure but did not respond in any way.

Basic Information

ID CVE-2025-7891

Source VulDB

Published Jul 20, 2025 at 13:02

Modified Jul 21, 2025 at 12:46

Affected Product

Vendor InstantBits

Product Web Video Cast App

Version 5.12.0

Affected Versions InstantBits Web Video Cast App 5.12.0
InstantBits Web Video Cast App 5.12.1
InstantBits Web Video Cast App 5.12.2
InstantBits Web Video Cast App 5.12.3
InstantBits Web Video Cast App 5.12.4

CWE Classification

CWE-926

References

{
    "lastseen": "",
    "description": "A vulnerability was found in InstantBits Web Video Cast App up to 5.12.4 on Android. It has been rated as problematic. Affected by this issue is some unknown functionality of the file AndroidManifest.xml of the component com.instantbits.cast.webvideo. The manipulation leads to improper export of android application components. An attack has to be approached locally. The exploit has been disclosed to the public and may be used. The vendor was contacted early about this disclosure but did not respond in any way.",
    "published": "2025-07-20T13:02:05.558Z",
    "modified": "2025-07-21T12:46:42.739Z",
    "type": "cve",
    "title": "InstantBits Web Video Cast App com.instantbits.cast.webvideo AndroidManifest.xml improper export of android application components",
    "source": "VulDB",
    "references": "https://vuldb.com/?id.317006\nhttps://vuldb.com/?ctiid.317006\nhttps://vuldb.com/?submit.615271\nhttps://github.com/KMov-g/androidapps/blob/main/com.instantbits.cast.webvideo.md\nhttps://github.com/KMov-g/androidapps/blob/main/com.instantbits.cast.webvideo.md#steps-to-reproduce",
    "id": "CVE-2025-7891",
    "bulletinFamily": "",
    "cwe": [
        "CWE-926"
    ],
    "cvelist": null,
    "sourceData": "InstantBits Web Video Cast App 5.12.0\nInstantBits Web Video Cast App 5.12.1\nInstantBits Web Video Cast App 5.12.2\nInstantBits Web Video Cast App 5.12.3\nInstantBits Web Video Cast App 5.12.4",
    "sourceHref": "",
    "cvss": {
        "score": 4.8,
        "severity": "MEDIUM",
        "vector": "CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N/E:P",
        "version": "4.0"
    },
    "cvss2": [],
    "cvss3": {
        "version": "",
        "vectorString": "",
        "baseScore": 0,
        "baseSeverity": "",
        "attackVector": "",
        "attackComplexity": "",
        "privilegesRequired": "",
        "userInteraction": "",
        "scope": "",
        "confidentialityImpact": "",
        "integrityImpact": "",
        "availabilityImpact": "",
        "cvssV3": {
            "version": "",
            "vectorString": "",
            "baseScore": 0,
            "baseSeverity": "",
            "attackVector": "",
            "attackComplexity": "",
            "privilegesRequired": "",
            "userInteraction": "",
            "scope": "",
            "confidentialityImpact": "",
            "integrityImpact": "",
            "availabilityImpact": ""
        }
    },
    "href": "",
    "category_name": "CVE",
    "post_link": "",
    "product": "Web Video Cast App",
    "version": "5.12.0",
    "vendor": "InstantBits",
    "ai_description": "",
    "ai_severity": "",
    "ai_vendor": "",
    "ai_product": "",
    "ai_version": "",
    "ai_score": 0
}

InstantBits Web Video Cast App com.instantbits.cast.webvideo AndroidManifest.xml improper export of android application components_CVE-2025-7891