Webull Investing & Trading App AndroidManifest.xml improper export of android...

4.8 / 10

MEDIUM

CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N/E:P

Description

A vulnerability was determined in Webull Investing & Trading App 11.2.5.63 on Android. This vulnerability affects unknown code of the file AndroidManifest.xml. This manipulation causes improper export of android application components. The attack can only be executed locally. The exploit has been publicly disclosed and may be utilized. The vendor was contacted early about this disclosure but did not respond in any way.

Basic Information

ID CVE-2025-10721

Source VulDB

Published Sep 19, 2025 at 17:32

Affected Product

Vendor Webull

Product Investing & Trading App

Version 11.2.5.63

Affected Versions Webull Investing & Trading App 11.2.5.63

CWE Classification

CWE-926

References

{
    "lastseen": "",
    "description": "A vulnerability was determined in Webull Investing & Trading App 11.2.5.63 on Android. This vulnerability affects unknown code of the file AndroidManifest.xml. This manipulation causes improper export of android application components. The attack can only be executed locally. The exploit has been publicly disclosed and may be utilized. The vendor was contacted early about this disclosure but did not respond in any way.",
    "published": "2025-09-19T17:32:07.489Z",
    "modified": "2025-09-19T17:32:07.489Z",
    "type": "cve",
    "title": "Webull Investing & Trading App AndroidManifest.xml improper export of android application components",
    "source": "VulDB",
    "references": "https://vuldb.com/?id.325010\nhttps://vuldb.com/?ctiid.325010\nhttps://vuldb.com/?submit.645014\nhttps://github.com/KMov-g/androidapps/blob/main/org.dayup.stocks.md\nhttps://github.com/KMov-g/androidapps/blob/main/org.dayup.stocks.md#steps-to-reproduce",
    "id": "CVE-2025-10721",
    "bulletinFamily": "",
    "cwe": [
        "CWE-926"
    ],
    "cvelist": null,
    "sourceData": "Webull Investing & Trading App 11.2.5.63",
    "sourceHref": "",
    "cvss": {
        "score": 4.8,
        "severity": "MEDIUM",
        "vector": "CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N/E:P",
        "version": "4.0"
    },
    "cvss2": [],
    "cvss3": {
        "version": "",
        "vectorString": "",
        "baseScore": 0,
        "baseSeverity": "",
        "attackVector": "",
        "attackComplexity": "",
        "privilegesRequired": "",
        "userInteraction": "",
        "scope": "",
        "confidentialityImpact": "",
        "integrityImpact": "",
        "availabilityImpact": "",
        "cvssV3": {
            "version": "",
            "vectorString": "",
            "baseScore": 0,
            "baseSeverity": "",
            "attackVector": "",
            "attackComplexity": "",
            "privilegesRequired": "",
            "userInteraction": "",
            "scope": "",
            "confidentialityImpact": "",
            "integrityImpact": "",
            "availabilityImpact": ""
        }
    },
    "href": "",
    "category_name": "CVE",
    "post_link": "",
    "product": "Investing & Trading App",
    "version": "11.2.5.63",
    "vendor": "Webull",
    "ai_description": "",
    "ai_severity": "",
    "ai_vendor": "",
    "ai_product": "",
    "ai_version": "",
    "ai_score": 0
}

Webull Investing & Trading App AndroidManifest.xml improper export of android application components_CVE-2025-10721