CVE-2025-9677 | Modo Legend of the Phoenix up to 1.0.5 com.duige.hzw.multilingual AndroidManifest.xml improper export of android application components

Inserito da Angelo Barbosa | Ago 29, 2025 | CVE

A vulnerability classified as problematic was found in Modo Legend of the Phoenix up to 1.0.5. The affected element is an unknown function of the file AndroidManifest.xml of the component com.duige.hzw.multilingual. The manipulation results in improper export of android application components.

This vulnerability was named CVE-2025-9677. The attack needs to be approached locally. In addition, an exploit is available.

The vendor was contacted early about this disclosure but did not respond in any way.

CVE-2025-9677 | Modo Legend of the Phoenix up to 1.0.5 com.duige.hzw.multilingual AndroidManifest.xml improper export of android application components

Post correlati

CVE-2024-7404 | GitLab Community Edition/Enterprise Edition up to 17.3.6/17.4.3/17.5.1 ui layer (Issue 476670)

CVE-2024-35239 | Umbraco Umbraco.Forms.Issues prior 13.0.1/12.2.2/10.5.3/8.13.13 Forms cross site scripting

CVE-2025-1295 | Templines Elementor Helper Core Plugin up to 2.7 on WordPress privileges management

CVE-2025-24316 | Dario Health Dario Application Database and Internet-based Server Infrastructure exposure of sensitive information due to incompatible policies (icsma-25-058-01)