NVD

Vulnerability Change Records for CVE-2025-7891

Action	Type	New Value
Added	Description	A vulnerability was found in InstantBits Web Video Cast App up to 5.12.4 on Android. It has been rated as problematic. Affected by this issue is some unknown functionality of the file AndroidManifest.xml of the component com.instantbits.cast.webvideo. The manipulation leads to improper export of android application components. An attack has to be approached locally. The exploit has been disclosed to the public and may be used. The vendor was contacted early about this disclosure but did not respond in any way.
Added	CVSS V4.0	AV:L/AC:L/AT:N/PR:L/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N/E:P/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
Added	CVSS V3.1	AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L
Added	CVSS V2	(AV:L/AC:L/Au:S/C:P/I:P/A:P)
Added	CWE	CWE-926
Added	Reference	https://github.com/KMov-g/androidapps/blob/main/com.instantbits.cast.webvideo.md
Added	Reference	https://github.com/KMov-g/androidapps/blob/main/com.instantbits.cast.webvideo.md#steps-to-reproduce
Added	Reference	https://vuldb.com/?ctiid.317006
Added	Reference	https://vuldb.com/?id.317006
Added	Reference	https://vuldb.com/?submit.615271