CWE-530
Exposure of Backup File to an Unauthorized Control Sphere
A backup file is stored in a directory or archive that is made accessible to unauthorized actors.
CVE-2020-36899 (GCVE-0-2020-36899)
Vulnerability from cvelistv5 – Published: 2025-12-10 21:03 – Updated: 2025-12-11 18:52
VLAI?
Title
QiHang Media Web Digital Signage 3.0.9 Unauthenticated Arbitrary File Disclosure
Summary
QiHang Media Web Digital Signage 3.0.9 contains an unauthenticated file disclosure vulnerability that allows remote attackers to access sensitive files through unverified 'filename' and 'path' parameters. Attackers can exploit the QH.aspx endpoint to read arbitrary files and directory contents without authentication by manipulating download and getAll actions.
Severity ?
CWE
- CWE-530 - Exposure of Backup File to an Unauthorized Control Sphere
Assigner
References
| URL | Tags | |||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
||||||||||||||
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Shenzhen Xingmeng Qihang Media Co., Ltd. Guangzhou Hefeng Automation Technology Co., Ltd. | QiHang Media Web Digital Signage |
Affected:
3.0.9.0
|
Credits
LiquidWorm as Gjoko Krstic of Zero Science Lab
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2020-36899",
"options": [
{
"Exploitation": "poc"
},
{
"Automatable": "yes"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-12-11T15:53:05.923944Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-12-11T18:52:47.707Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"references": [
{
"tags": [
"exploit"
],
"url": "https://www.exploit-db.com/exploits/48750"
},
{
"tags": [
"exploit"
],
"url": "https://www.zeroscience.mk/en/vulnerabilities/ZSL-2020-5581.php"
}
],
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "QiHang Media Web Digital Signage",
"vendor": "Shenzhen Xingmeng Qihang Media Co., Ltd. Guangzhou Hefeng Automation Technology Co., Ltd.",
"versions": [
{
"status": "affected",
"version": "3.0.9.0"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "finder",
"value": "LiquidWorm as Gjoko Krstic of Zero Science Lab"
}
],
"datePublic": "2020-08-12T00:00:00.000Z",
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "\u003cp\u003eQiHang Media Web Digital Signage 3.0.9 contains an unauthenticated file disclosure vulnerability that allows remote attackers to access sensitive files through unverified \u0027filename\u0027 and \u0027path\u0027 parameters. Attackers can exploit the QH.aspx endpoint to read arbitrary files and directory contents without authentication by manipulating download and getAll actions.\u003c/p\u003e"
}
],
"value": "QiHang Media Web Digital Signage 3.0.9 contains an unauthenticated file disclosure vulnerability that allows remote attackers to access sensitive files through unverified \u0027filename\u0027 and \u0027path\u0027 parameters. Attackers can exploit the QH.aspx endpoint to read arbitrary files and directory contents without authentication by manipulating download and getAll actions."
}
],
"metrics": [
{
"cvssV4_0": {
"Automatable": "NOT_DEFINED",
"Recovery": "NOT_DEFINED",
"Safety": "NOT_DEFINED",
"attackComplexity": "LOW",
"attackRequirements": "NONE",
"attackVector": "NETWORK",
"baseScore": 8.7,
"baseSeverity": "HIGH",
"exploitMaturity": "NOT_DEFINED",
"privilegesRequired": "NONE",
"providerUrgency": "NOT_DEFINED",
"subAvailabilityImpact": "NONE",
"subConfidentialityImpact": "NONE",
"subIntegrityImpact": "NONE",
"userInteraction": "NONE",
"valueDensity": "NOT_DEFINED",
"vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N",
"version": "4.0",
"vulnAvailabilityImpact": "NONE",
"vulnConfidentialityImpact": "HIGH",
"vulnIntegrityImpact": "NONE",
"vulnerabilityResponseEffort": "NOT_DEFINED"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-530",
"description": "CWE-530: Exposure of Backup File to an Unauthorized Control Sphere",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-12-10T21:03:57.079Z",
"orgId": "83251b91-4cc7-4094-a5c7-464a1b83ea10",
"shortName": "VulnCheck"
},
"references": [
{
"name": "ExploitDB-48750",
"tags": [
"exploit"
],
"url": "https://www.exploit-db.com/exploits/48750"
},
{
"name": "Official Product Homepage",
"tags": [
"product"
],
"url": "http://www.howfor.com"
},
{
"name": "Vendor Security Advisory for ZSL-2020-5581",
"tags": [
"vendor-advisory",
"vdb-entry"
],
"url": "https://www.zeroscience.mk/en/vulnerabilities/ZSL-2020-5581.php"
},
{
"name": "VulnCheck Advisory: QiHang Media Web Digital Signage 3.0.9 Unauthenticated Arbitrary File Disclosure",
"tags": [
"third-party-advisory"
],
"url": "https://www.vulncheck.com/advisories/qihang-media-web-digital-signage-unauthenticated-arbitrary-file-disclosure"
}
],
"source": {
"discovery": "UNKNOWN"
},
"title": "QiHang Media Web Digital Signage 3.0.9 Unauthenticated Arbitrary File Disclosure",
"x_generator": {
"engine": "vulncheck"
}
}
},
"cveMetadata": {
"assignerOrgId": "83251b91-4cc7-4094-a5c7-464a1b83ea10",
"assignerShortName": "VulnCheck",
"cveId": "CVE-2020-36899",
"datePublished": "2025-12-10T21:03:57.079Z",
"dateReserved": "2025-12-09T11:46:53.452Z",
"dateUpdated": "2025-12-11T18:52:47.707Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
CVE-2023-5297 (GCVE-0-2023-5297)
Vulnerability from cvelistv5 – Published: 2023-09-29 21:31 – Updated: 2024-09-20 16:53
VLAI?
Title
Xinhu RockOA start backup
Summary
A vulnerability was found in Xinhu RockOA 2.3.2. It has been classified as problematic. This affects the function start of the file task.php?m=sys|runt&a=beifen. The manipulation leads to exposure of backup file to an unauthorized control sphere. It is possible to initiate the attack remotely. The complexity of an attack is rather high. The exploitability is told to be difficult. The exploit has been disclosed to the public and may be used. The associated identifier of this vulnerability is VDB-240927.
Severity ?
CWE
- CWE-530 - Exposure of Backup File to an Unauthorized Control Sphere
Assigner
References
| URL | Tags | ||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||
Credits
magicwave18 (VulDB User)
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-02T07:52:08.471Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"vdb-entry",
"technical-description",
"x_transferred"
],
"url": "https://vuldb.com/?id.240927"
},
{
"tags": [
"signature",
"permissions-required",
"x_transferred"
],
"url": "https://vuldb.com/?ctiid.240927"
},
{
"tags": [
"exploit",
"issue-tracking",
"x_transferred"
],
"url": "https://github.com/magicwave18/vuldb/issues/2"
}
],
"title": "CVE Program Container"
},
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2023-5297",
"options": [
{
"Exploitation": "poc"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-09-20T16:52:32.194107Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-09-20T16:53:23.484Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"product": "RockOA",
"vendor": "Xinhu",
"versions": [
{
"status": "affected",
"version": "2.3.2"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "analyst",
"value": "magicwave18 (VulDB User)"
}
],
"descriptions": [
{
"lang": "en",
"value": "A vulnerability was found in Xinhu RockOA 2.3.2. It has been classified as problematic. This affects the function start of the file task.php?m=sys|runt\u0026a=beifen. The manipulation leads to exposure of backup file to an unauthorized control sphere. It is possible to initiate the attack remotely. The complexity of an attack is rather high. The exploitability is told to be difficult. The exploit has been disclosed to the public and may be used. The associated identifier of this vulnerability is VDB-240927."
},
{
"lang": "de",
"value": "Es wurde eine Schwachstelle in Xinhu RockOA 2.3.2 ausgemacht. Sie wurde als problematisch eingestuft. Es geht dabei um die Funktion start der Datei task.php?m=sys|runt\u0026a=beifen. Mittels dem Manipulieren mit unbekannten Daten kann eine exposure of backup file to an unauthorized control sphere-Schwachstelle ausgenutzt werden. Der Angriff kann \u00fcber das Netzwerk passieren. Die Komplexit\u00e4t eines Angriffs ist eher hoch. Sie ist schwierig auszunutzen. Der Exploit steht zur \u00f6ffentlichen Verf\u00fcgung."
}
],
"metrics": [
{
"cvssV3_1": {
"baseScore": 3.7,
"baseSeverity": "LOW",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:N",
"version": "3.1"
}
},
{
"cvssV3_0": {
"baseScore": 3.7,
"baseSeverity": "LOW",
"vectorString": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:N",
"version": "3.0"
}
},
{
"cvssV2_0": {
"baseScore": 2.6,
"vectorString": "AV:N/AC:H/Au:N/C:P/I:N/A:N",
"version": "2.0"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-530",
"description": "CWE-530 Exposure of Backup File to an Unauthorized Control Sphere",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2023-10-25T04:55:44.628Z",
"orgId": "1af790b2-7ee1-4545-860a-a788eba489b5",
"shortName": "VulDB"
},
"references": [
{
"tags": [
"vdb-entry",
"technical-description"
],
"url": "https://vuldb.com/?id.240927"
},
{
"tags": [
"signature",
"permissions-required"
],
"url": "https://vuldb.com/?ctiid.240927"
},
{
"tags": [
"exploit",
"issue-tracking"
],
"url": "https://github.com/magicwave18/vuldb/issues/2"
}
],
"timeline": [
{
"lang": "en",
"time": "2023-09-29T00:00:00.000Z",
"value": "Advisory disclosed"
},
{
"lang": "en",
"time": "2023-09-29T00:00:00.000Z",
"value": "CVE reserved"
},
{
"lang": "en",
"time": "2023-09-29T02:00:00.000Z",
"value": "VulDB entry created"
},
{
"lang": "en",
"time": "2023-10-22T14:47:33.000Z",
"value": "VulDB entry last update"
}
],
"title": "Xinhu RockOA start backup"
}
},
"cveMetadata": {
"assignerOrgId": "1af790b2-7ee1-4545-860a-a788eba489b5",
"assignerShortName": "VulDB",
"cveId": "CVE-2023-5297",
"datePublished": "2023-09-29T21:31:05.504Z",
"dateReserved": "2023-09-29T14:27:38.367Z",
"dateUpdated": "2024-09-20T16:53:23.484Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2024-12330 (GCVE-0-2024-12330)
Vulnerability from cvelistv5 – Published: 2025-01-09 11:10 – Updated: 2025-01-09 14:46
VLAI?
Title
WP Database Backup – Unlimited Database & Files Backup by Backup for WP <= 7.3 - Unauthenticated Database Back-Up Exposure
Summary
The WP Database Backup – Unlimited Database & Files Backup by Backup for WP plugin for WordPress is vulnerable to Sensitive Information Exposure in all versions up to, and including, 7.3 via publicly accessible back-up files. This makes it possible for unauthenticated attackers to extract sensitive data including all information stored in the database.
Severity ?
7.5 (High)
CWE
- CWE-530 - Exposure of Backup File to an Unauthorized Control Sphere
Assigner
References
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| databasebackup | WP Database Backup – Unlimited Database & Files Backup by Backup for WP |
Affected:
* , ≤ 7.3
(semver)
|
Credits
Noah Stead
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2024-12330",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "yes"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-01-09T14:46:15.526542Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-01-09T14:46:23.200Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "WP Database Backup \u2013 Unlimited Database \u0026 Files Backup by Backup for WP",
"vendor": "databasebackup",
"versions": [
{
"lessThanOrEqual": "7.3",
"status": "affected",
"version": "*",
"versionType": "semver"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "finder",
"value": "Noah Stead"
}
],
"descriptions": [
{
"lang": "en",
"value": "The WP Database Backup \u2013 Unlimited Database \u0026 Files Backup by Backup for WP plugin for WordPress is vulnerable to Sensitive Information Exposure in all versions up to, and including, 7.3 via publicly accessible back-up files. This makes it possible for unauthenticated attackers to extract sensitive data including all information stored in the database."
}
],
"metrics": [
{
"cvssV3_1": {
"baseScore": 7.5,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
"version": "3.1"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-530",
"description": "CWE-530 Exposure of Backup File to an Unauthorized Control Sphere",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-01-09T11:10:56.083Z",
"orgId": "b15e7b5b-3da4-40ae-a43c-f7aa60e62599",
"shortName": "Wordfence"
},
"references": [
{
"url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/3f36839b-850e-4c39-aa61-4fd7a89cd5bc?source=cve"
},
{
"url": "https://plugins.trac.wordpress.org/changeset?sfp_email=\u0026sfph_mail=\u0026reponame=\u0026old=3209380%40wp-database-backup\u0026new=3209380%40wp-database-backup\u0026sfp_email=\u0026sfph_mail="
},
{
"url": "https://plugins.trac.wordpress.org/changeset?sfp_email=\u0026sfph_mail=\u0026reponame=\u0026old=3209387%40wp-database-backup\u0026new=3209387%40wp-database-backup\u0026sfp_email=\u0026sfph_mail="
}
],
"timeline": [
{
"lang": "en",
"time": "2025-01-08T00:00:00.000+00:00",
"value": "Disclosed"
}
],
"title": "WP Database Backup \u2013 Unlimited Database \u0026 Files Backup by Backup for WP \u003c= 7.3 - Unauthenticated Database Back-Up Exposure"
}
},
"cveMetadata": {
"assignerOrgId": "b15e7b5b-3da4-40ae-a43c-f7aa60e62599",
"assignerShortName": "Wordfence",
"cveId": "CVE-2024-12330",
"datePublished": "2025-01-09T11:10:56.083Z",
"dateReserved": "2024-12-06T21:53:14.478Z",
"dateUpdated": "2025-01-09T14:46:23.200Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2024-2364 (GCVE-0-2024-2364)
Vulnerability from cvelistv5 – Published: 2024-03-10 23:00 – Updated: 2025-04-16 15:48
VLAI?
Title
Musicshelf Backup androidmanifest.xml backup
Summary
A vulnerability classified as problematic has been found in Musicshelf 1.0/1.1 on Android. Affected is an unknown function of the file androidmanifest.xml of the component Backup Handler. The manipulation leads to exposure of backup file to an unauthorized control sphere. It is possible to launch the attack on the physical device. The exploit has been disclosed to the public and may be used. The identifier of this vulnerability is VDB-256320.
Severity ?
CWE
- CWE-530 - Exposure of Backup File to an Unauthorized Control Sphere
Assigner
References
| URL | Tags | ||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| n/a | Musicshelf |
Affected:
1.0
Affected: 1.1 |
Credits
Affan (VulDB User)
{
"containers": {
"adp": [
{
"affected": [
{
"cpes": [
"cpe:2.3:a:musicshelf:musicshelf:*:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "musicshelf",
"vendor": "musicshelf",
"versions": [
{
"status": "affected",
"version": "1.0"
},
{
"status": "affected",
"version": "1.1"
}
]
}
],
"metrics": [
{
"other": {
"content": {
"id": "CVE-2024-2364",
"options": [
{
"Exploitation": "poc"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-03-11T16:46:16.332731Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-04-16T15:48:58.608Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
},
{
"providerMetadata": {
"dateUpdated": "2024-08-01T19:11:53.482Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "VDB-256320 | Musicshelf Backup androidmanifest.xml backup",
"tags": [
"vdb-entry",
"x_transferred"
],
"url": "https://vuldb.com/?id.256320"
},
{
"name": "VDB-256320 | CTI Indicators (IOB, IOC, IOA)",
"tags": [
"signature",
"permissions-required",
"x_transferred"
],
"url": "https://vuldb.com/?ctiid.256320"
},
{
"tags": [
"exploit",
"x_transferred"
],
"url": "https://github.com/ctflearner/Android_Findings/blob/main/Musicshelf/Musicshelf_Manifest_issue.md"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"modules": [
"Backup Handler"
],
"product": "Musicshelf",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "1.0"
},
{
"status": "affected",
"version": "1.1"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "reporter",
"value": "Affan (VulDB User)"
}
],
"descriptions": [
{
"lang": "en",
"value": "A vulnerability classified as problematic has been found in Musicshelf 1.0/1.1 on Android. Affected is an unknown function of the file androidmanifest.xml of the component Backup Handler. The manipulation leads to exposure of backup file to an unauthorized control sphere. It is possible to launch the attack on the physical device. The exploit has been disclosed to the public and may be used. The identifier of this vulnerability is VDB-256320."
},
{
"lang": "de",
"value": "Es wurde eine problematische Schwachstelle in Musicshelf 1.0/1.1 f\u00fcr Android entdeckt. Es betrifft eine unbekannte Funktion der Datei androidmanifest.xml der Komponente Backup Handler. Durch das Beeinflussen mit unbekannten Daten kann eine exposure of backup file to an unauthorized control sphere-Schwachstelle ausgenutzt werden. Ein Angriff setzt physischen Zugriff auf dem Zielobjekt voraus. Der Exploit steht zur \u00f6ffentlichen Verf\u00fcgung."
}
],
"metrics": [
{
"cvssV3_1": {
"baseScore": 1.8,
"baseSeverity": "LOW",
"vectorString": "CVSS:3.1/AV:P/AC:L/PR:H/UI:N/S:U/C:L/I:N/A:N",
"version": "3.1"
}
},
{
"cvssV3_0": {
"baseScore": 1.8,
"baseSeverity": "LOW",
"vectorString": "CVSS:3.0/AV:P/AC:L/PR:H/UI:N/S:U/C:L/I:N/A:N",
"version": "3.0"
}
},
{
"cvssV2_0": {
"baseScore": 1.4,
"vectorString": "AV:L/AC:L/Au:M/C:P/I:N/A:N",
"version": "2.0"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-530",
"description": "CWE-530 Exposure of Backup File to an Unauthorized Control Sphere",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-03-10T23:00:08.397Z",
"orgId": "1af790b2-7ee1-4545-860a-a788eba489b5",
"shortName": "VulDB"
},
"references": [
{
"name": "VDB-256320 | Musicshelf Backup androidmanifest.xml backup",
"tags": [
"vdb-entry"
],
"url": "https://vuldb.com/?id.256320"
},
{
"name": "VDB-256320 | CTI Indicators (IOB, IOC, IOA)",
"tags": [
"signature",
"permissions-required"
],
"url": "https://vuldb.com/?ctiid.256320"
},
{
"tags": [
"exploit"
],
"url": "https://github.com/ctflearner/Android_Findings/blob/main/Musicshelf/Musicshelf_Manifest_issue.md"
}
],
"timeline": [
{
"lang": "en",
"time": "2024-03-10T00:00:00.000Z",
"value": "Advisory disclosed"
},
{
"lang": "en",
"time": "2024-03-10T01:00:00.000Z",
"value": "VulDB entry created"
},
{
"lang": "en",
"time": "2024-03-10T12:48:46.000Z",
"value": "VulDB entry last update"
}
],
"title": "Musicshelf Backup androidmanifest.xml backup"
}
},
"cveMetadata": {
"assignerOrgId": "1af790b2-7ee1-4545-860a-a788eba489b5",
"assignerShortName": "VulDB",
"cveId": "CVE-2024-2364",
"datePublished": "2024-03-10T23:00:08.397Z",
"dateReserved": "2024-03-10T11:43:04.787Z",
"dateUpdated": "2025-04-16T15:48:58.608Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2024-2567 (GCVE-0-2024-2567)
Vulnerability from cvelistv5 – Published: 2024-03-17 21:00 – Updated: 2024-08-01 19:18 Unsupported When Assigned
VLAI?
Title
jurecapuder AndroidWeatherApp Backup File androidmanifest.xml backup
Summary
** UNSUPPORTED WHEN ASSIGNED ** A vulnerability, which was classified as problematic, was found in jurecapuder AndroidWeatherApp 1.0.0 on Android. Affected is an unknown function of the file androidmanifest.xml of the component Backup File Handler. The manipulation leads to exposure of backup file to an unauthorized control sphere. It is possible to launch the attack on the physical device. The exploit has been disclosed to the public and may be used. VDB-257070 is the identifier assigned to this vulnerability. NOTE: This vulnerability only affects products that are no longer supported by the maintainer. NOTE: The code maintainer was contacted early about this disclosure but did not respond in any way. Instead the GitHub repository got deleted after a few days. We have to assume that the product is not supported anymore.
Severity ?
CWE
- CWE-530 - Exposure of Backup File to an Unauthorized Control Sphere
Assigner
References
| URL | Tags | ||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| jurecapuder | AndroidWeatherApp |
Affected:
1.0.0
|
Credits
Affan (VulDB User)
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2024-2567",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-03-18T19:18:30.160069Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-07-05T17:22:21.275Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
},
{
"providerMetadata": {
"dateUpdated": "2024-08-01T19:18:46.973Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "VDB-257070 | jurecapuder AndroidWeatherApp Backup File androidmanifest.xml backup",
"tags": [
"vdb-entry",
"x_transferred"
],
"url": "https://vuldb.com/?id.257070"
},
{
"name": "VDB-257070 | CTI Indicators (IOB, IOC, IOA)",
"tags": [
"signature",
"permissions-required",
"x_transferred"
],
"url": "https://vuldb.com/?ctiid.257070"
},
{
"tags": [
"exploit",
"x_transferred"
],
"url": "https://github.com/ctflearner/Android_Findings/blob/main/AndroidWeatherApp/Android_backup.md"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"modules": [
"Backup File Handler"
],
"product": "AndroidWeatherApp",
"vendor": "jurecapuder",
"versions": [
{
"status": "affected",
"version": "1.0.0"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "reporter",
"value": "Affan (VulDB User)"
}
],
"descriptions": [
{
"lang": "en",
"value": "** UNSUPPORTED WHEN ASSIGNED ** A vulnerability, which was classified as problematic, was found in jurecapuder AndroidWeatherApp 1.0.0 on Android. Affected is an unknown function of the file androidmanifest.xml of the component Backup File Handler. The manipulation leads to exposure of backup file to an unauthorized control sphere. It is possible to launch the attack on the physical device. The exploit has been disclosed to the public and may be used. VDB-257070 is the identifier assigned to this vulnerability. NOTE: This vulnerability only affects products that are no longer supported by the maintainer. NOTE: The code maintainer was contacted early about this disclosure but did not respond in any way. Instead the GitHub repository got deleted after a few days. We have to assume that the product is not supported anymore."
},
{
"lang": "de",
"value": "Es wurde eine Schwachstelle in jurecapuder AndroidWeatherApp 1.0.0 f\u00fcr Android gefunden. Sie wurde als problematisch eingestuft. Es betrifft eine unbekannte Funktion der Datei androidmanifest.xml der Komponente Backup File Handler. Dank der Manipulation mit unbekannten Daten kann eine exposure of backup file to an unauthorized control sphere-Schwachstelle ausgenutzt werden. Ein Angriff setzt physischen Zugriff auf dem Zielobjekt voraus. Der Exploit steht zur \u00f6ffentlichen Verf\u00fcgung."
}
],
"metrics": [
{
"cvssV3_1": {
"baseScore": 1.8,
"baseSeverity": "LOW",
"vectorString": "CVSS:3.1/AV:P/AC:L/PR:H/UI:N/S:U/C:L/I:N/A:N",
"version": "3.1"
}
},
{
"cvssV3_0": {
"baseScore": 1.8,
"baseSeverity": "LOW",
"vectorString": "CVSS:3.0/AV:P/AC:L/PR:H/UI:N/S:U/C:L/I:N/A:N",
"version": "3.0"
}
},
{
"cvssV2_0": {
"baseScore": 1.4,
"vectorString": "AV:L/AC:L/Au:M/C:P/I:N/A:N",
"version": "2.0"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-530",
"description": "CWE-530 Exposure of Backup File to an Unauthorized Control Sphere",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-03-17T21:00:05.635Z",
"orgId": "1af790b2-7ee1-4545-860a-a788eba489b5",
"shortName": "VulDB"
},
"references": [
{
"name": "VDB-257070 | jurecapuder AndroidWeatherApp Backup File androidmanifest.xml backup",
"tags": [
"vdb-entry"
],
"url": "https://vuldb.com/?id.257070"
},
{
"name": "VDB-257070 | CTI Indicators (IOB, IOC, IOA)",
"tags": [
"signature",
"permissions-required"
],
"url": "https://vuldb.com/?ctiid.257070"
},
{
"tags": [
"exploit"
],
"url": "https://github.com/ctflearner/Android_Findings/blob/main/AndroidWeatherApp/Android_backup.md"
}
],
"tags": [
"unsupported-when-assigned"
],
"timeline": [
{
"lang": "en",
"time": "2024-03-17T00:00:00.000Z",
"value": "Advisory disclosed"
},
{
"lang": "en",
"time": "2024-03-17T01:00:00.000Z",
"value": "VulDB entry created"
},
{
"lang": "en",
"time": "2024-03-17T09:05:12.000Z",
"value": "VulDB entry last update"
}
],
"title": "jurecapuder AndroidWeatherApp Backup File androidmanifest.xml backup"
}
},
"cveMetadata": {
"assignerOrgId": "1af790b2-7ee1-4545-860a-a788eba489b5",
"assignerShortName": "VulDB",
"cveId": "CVE-2024-2567",
"datePublished": "2024-03-17T21:00:05.635Z",
"dateReserved": "2024-03-17T07:58:43.103Z",
"dateUpdated": "2024-08-01T19:18:46.973Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2024-3124 (GCVE-0-2024-3124)
Vulnerability from cvelistv5 – Published: 2024-04-01 12:31 – Updated: 2024-08-27 15:38
VLAI?
Title
fridgecow smartalarm Backup File androidmanifest.xml backup
Summary
A vulnerability classified as problematic has been found in fridgecow smartalarm 1.8.1 on Android. This affects an unknown part of the file androidmanifest.xml of the component Backup File Handler. The manipulation leads to exposure of backup file to an unauthorized control sphere. It is possible to launch the attack on the physical device. The exploit has been disclosed to the public and may be used. The associated identifier of this vulnerability is VDB-258867.
Severity ?
CWE
- CWE-530 - Exposure of Backup File to an Unauthorized Control Sphere
Assigner
References
| URL | Tags | |||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
||||||||||||||
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| fridgecow | smartalarm |
Affected:
1.8.1
|
Credits
Affan (VulDB User)
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-01T19:32:42.699Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "VDB-258867 | fridgecow smartalarm Backup File androidmanifest.xml backup",
"tags": [
"vdb-entry",
"x_transferred"
],
"url": "https://vuldb.com/?id.258867"
},
{
"name": "VDB-258867 | CTI Indicators (IOB, IOC, IOA)",
"tags": [
"signature",
"permissions-required",
"x_transferred"
],
"url": "https://vuldb.com/?ctiid.258867"
},
{
"name": "Submit #307752 | smartalarm Android v1.8.1 Exposure of Backup File to an Unauthorized Control Sphere",
"tags": [
"third-party-advisory",
"x_transferred"
],
"url": "https://vuldb.com/?submit.307752"
},
{
"tags": [
"exploit",
"x_transferred"
],
"url": "https://github.com/ctflearner/Android_Findings/blob/main/Smartalarm/Backup.md"
}
],
"title": "CVE Program Container"
},
{
"affected": [
{
"cpes": [
"cpe:2.3:a:fridgecow:smartalarm:*:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "smartalarm",
"vendor": "fridgecow",
"versions": [
{
"status": "affected",
"version": "1.8.1"
}
]
}
],
"metrics": [
{
"other": {
"content": {
"id": "CVE-2024-3124",
"options": [
{
"Exploitation": "poc"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-08-27T15:37:09.837093Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-08-27T15:38:16.509Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"modules": [
"Backup File Handler"
],
"product": "smartalarm",
"vendor": "fridgecow",
"versions": [
{
"status": "affected",
"version": "1.8.1"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "reporter",
"value": "Affan (VulDB User)"
}
],
"descriptions": [
{
"lang": "en",
"value": "A vulnerability classified as problematic has been found in fridgecow smartalarm 1.8.1 on Android. This affects an unknown part of the file androidmanifest.xml of the component Backup File Handler. The manipulation leads to exposure of backup file to an unauthorized control sphere. It is possible to launch the attack on the physical device. The exploit has been disclosed to the public and may be used. The associated identifier of this vulnerability is VDB-258867."
},
{
"lang": "de",
"value": "Es wurde eine Schwachstelle in fridgecow smartalarm 1.8.1 f\u00fcr Android entdeckt. Sie wurde als problematisch eingestuft. Es geht dabei um eine nicht klar definierte Funktion der Datei androidmanifest.xml der Komponente Backup File Handler. Durch Manipulation mit unbekannten Daten kann eine exposure of backup file to an unauthorized control sphere-Schwachstelle ausgenutzt werden. Ein Angriff setzt physischen Zugriff auf dem Zielobjekt voraus. Der Exploit steht zur \u00f6ffentlichen Verf\u00fcgung."
}
],
"metrics": [
{
"cvssV3_1": {
"baseScore": 2.4,
"baseSeverity": "LOW",
"vectorString": "CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N",
"version": "3.1"
}
},
{
"cvssV3_0": {
"baseScore": 2.4,
"baseSeverity": "LOW",
"vectorString": "CVSS:3.0/AV:P/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N",
"version": "3.0"
}
},
{
"cvssV2_0": {
"baseScore": 2.1,
"vectorString": "AV:L/AC:L/Au:N/C:P/I:N/A:N",
"version": "2.0"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-530",
"description": "CWE-530 Exposure of Backup File to an Unauthorized Control Sphere",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-04-01T12:31:04.539Z",
"orgId": "1af790b2-7ee1-4545-860a-a788eba489b5",
"shortName": "VulDB"
},
"references": [
{
"name": "VDB-258867 | fridgecow smartalarm Backup File androidmanifest.xml backup",
"tags": [
"vdb-entry"
],
"url": "https://vuldb.com/?id.258867"
},
{
"name": "VDB-258867 | CTI Indicators (IOB, IOC, IOA)",
"tags": [
"signature",
"permissions-required"
],
"url": "https://vuldb.com/?ctiid.258867"
},
{
"name": "Submit #307752 | smartalarm Android v1.8.1 Exposure of Backup File to an Unauthorized Control Sphere",
"tags": [
"third-party-advisory"
],
"url": "https://vuldb.com/?submit.307752"
},
{
"tags": [
"exploit"
],
"url": "https://github.com/ctflearner/Android_Findings/blob/main/Smartalarm/Backup.md"
}
],
"timeline": [
{
"lang": "en",
"time": "2024-04-01T00:00:00.000Z",
"value": "Advisory disclosed"
},
{
"lang": "en",
"time": "2024-04-01T02:00:00.000Z",
"value": "VulDB entry created"
},
{
"lang": "en",
"time": "2024-04-01T09:52:51.000Z",
"value": "VulDB entry last update"
}
],
"title": "fridgecow smartalarm Backup File androidmanifest.xml backup"
}
},
"cveMetadata": {
"assignerOrgId": "1af790b2-7ee1-4545-860a-a788eba489b5",
"assignerShortName": "VulDB",
"cveId": "CVE-2024-3124",
"datePublished": "2024-04-01T12:31:04.539Z",
"dateReserved": "2024-04-01T07:47:40.901Z",
"dateUpdated": "2024-08-27T15:38:16.509Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2024-3128 (GCVE-0-2024-3128)
Vulnerability from cvelistv5 – Published: 2024-04-01 14:31 – Updated: 2024-08-01 19:32 Unsupported When Assigned
VLAI?
Title
Replify-Messenger Backup File androidmanifest.xml backup
Summary
** UNSUPPORTED WHEN ASSIGNED ** A vulnerability, which was classified as problematic, has been found in Replify-Messenger 1.0 on Android. This issue affects some unknown processing of the file androidmanifest.xml of the component Backup File Handler. The manipulation leads to exposure of backup file to an unauthorized control sphere. It is possible to launch the attack on the physical device. The exploit has been disclosed to the public and may be used. The identifier VDB-258869 was assigned to this vulnerability. NOTE: This vulnerability only affects products that are no longer supported by the maintainer. NOTE: The vendor was contacted early and responded very quickly. He does not intend to maintain the app anymore and will revoke the availability in the Google Play Store.
Severity ?
CWE
- CWE-530 - Exposure of Backup File to an Unauthorized Control Sphere
Assigner
References
| URL | Tags | |||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
||||||||||||||
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| n/a | Replify-Messenger |
Affected:
1.0
|
Credits
Affan (VulDB User)
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2024-3128",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-07-16T21:26:06.331194Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-07-16T21:26:19.210Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
},
{
"providerMetadata": {
"dateUpdated": "2024-08-01T19:32:42.850Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "VDB-258869 | Replify-Messenger Backup File androidmanifest.xml backup",
"tags": [
"vdb-entry",
"x_transferred"
],
"url": "https://vuldb.com/?id.258869"
},
{
"name": "VDB-258869 | CTI Indicators (IOB, IOC, IOA)",
"tags": [
"signature",
"permissions-required",
"x_transferred"
],
"url": "https://vuldb.com/?ctiid.258869"
},
{
"name": "Submit #307761 | Replify-Messenger Android v1.0 Exposure of Backup File to an Unauthorized Control Sphere",
"tags": [
"third-party-advisory",
"x_transferred"
],
"url": "https://vuldb.com/?submit.307761"
},
{
"tags": [
"exploit",
"x_transferred"
],
"url": "https://github.com/ctflearner/Android_Findings/blob/main/Replify-Messenger/Backup.md"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"modules": [
"Backup File Handler"
],
"product": "Replify-Messenger",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "1.0"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "reporter",
"value": "Affan (VulDB User)"
}
],
"descriptions": [
{
"lang": "en",
"value": "** UNSUPPORTED WHEN ASSIGNED ** A vulnerability, which was classified as problematic, has been found in Replify-Messenger 1.0 on Android. This issue affects some unknown processing of the file androidmanifest.xml of the component Backup File Handler. The manipulation leads to exposure of backup file to an unauthorized control sphere. It is possible to launch the attack on the physical device. The exploit has been disclosed to the public and may be used. The identifier VDB-258869 was assigned to this vulnerability. NOTE: This vulnerability only affects products that are no longer supported by the maintainer. NOTE: The vendor was contacted early and responded very quickly. He does not intend to maintain the app anymore and will revoke the availability in the Google Play Store."
},
{
"lang": "de",
"value": "Eine Schwachstelle wurde in Replify-Messenger 1.0 f\u00fcr Android entdeckt. Sie wurde als problematisch eingestuft. Hierbei geht es um eine nicht exakt ausgemachte Funktion der Datei androidmanifest.xml der Komponente Backup File Handler. Mittels Manipulieren mit unbekannten Daten kann eine exposure of backup file to an unauthorized control sphere-Schwachstelle ausgenutzt werden. Ein Angriff setzt physischen Zugriff auf dem Zielobjekt voraus. Der Exploit steht zur \u00f6ffentlichen Verf\u00fcgung."
}
],
"metrics": [
{
"cvssV3_1": {
"baseScore": 2.4,
"baseSeverity": "LOW",
"vectorString": "CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N",
"version": "3.1"
}
},
{
"cvssV3_0": {
"baseScore": 2.4,
"baseSeverity": "LOW",
"vectorString": "CVSS:3.0/AV:P/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N",
"version": "3.0"
}
},
{
"cvssV2_0": {
"baseScore": 2.1,
"vectorString": "AV:L/AC:L/Au:N/C:P/I:N/A:N",
"version": "2.0"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-530",
"description": "CWE-530 Exposure of Backup File to an Unauthorized Control Sphere",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-04-01T14:31:04.100Z",
"orgId": "1af790b2-7ee1-4545-860a-a788eba489b5",
"shortName": "VulDB"
},
"references": [
{
"name": "VDB-258869 | Replify-Messenger Backup File androidmanifest.xml backup",
"tags": [
"vdb-entry"
],
"url": "https://vuldb.com/?id.258869"
},
{
"name": "VDB-258869 | CTI Indicators (IOB, IOC, IOA)",
"tags": [
"signature",
"permissions-required"
],
"url": "https://vuldb.com/?ctiid.258869"
},
{
"name": "Submit #307761 | Replify-Messenger Android v1.0 Exposure of Backup File to an Unauthorized Control Sphere",
"tags": [
"third-party-advisory"
],
"url": "https://vuldb.com/?submit.307761"
},
{
"tags": [
"exploit"
],
"url": "https://github.com/ctflearner/Android_Findings/blob/main/Replify-Messenger/Backup.md"
}
],
"tags": [
"unsupported-when-assigned"
],
"timeline": [
{
"lang": "en",
"time": "2024-04-01T00:00:00.000Z",
"value": "Advisory disclosed"
},
{
"lang": "en",
"time": "2024-04-01T02:00:00.000Z",
"value": "VulDB entry created"
},
{
"lang": "en",
"time": "2024-04-01T11:05:10.000Z",
"value": "VulDB entry last update"
}
],
"title": "Replify-Messenger Backup File androidmanifest.xml backup"
}
},
"cveMetadata": {
"assignerOrgId": "1af790b2-7ee1-4545-860a-a788eba489b5",
"assignerShortName": "VulDB",
"cveId": "CVE-2024-3128",
"datePublished": "2024-04-01T14:31:04.100Z",
"dateReserved": "2024-04-01T08:59:15.437Z",
"dateUpdated": "2024-08-01T19:32:42.850Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2024-3430 (GCVE-0-2024-3430)
Vulnerability from cvelistv5 – Published: 2024-04-07 22:00 – Updated: 2024-08-01 20:12
VLAI?
Title
QKSMS Backup File androidmanifest.xml backup
Summary
A vulnerability was found in QKSMS up to 3.9.4 on Android. It has been classified as problematic. This affects an unknown part of the file androidmanifest.xml of the component Backup File Handler. The manipulation leads to exposure of backup file to an unauthorized control sphere. It is possible to launch the attack on the physical device. The exploit has been disclosed to the public and may be used. The associated identifier of this vulnerability is VDB-259611. NOTE: The vendor was contacted early about this disclosure but did not respond in any way.
Severity ?
CWE
- CWE-530 - Exposure of Backup File to an Unauthorized Control Sphere
Assigner
References
| URL | Tags | |||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
||||||||||||||
Impacted products
Credits
Affan (VulDB User)
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2024-3430",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-04-09T16:03:39.866399Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-07-05T17:22:37.355Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
},
{
"providerMetadata": {
"dateUpdated": "2024-08-01T20:12:06.925Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "VDB-259611 | QKSMS Backup File androidmanifest.xml backup",
"tags": [
"vdb-entry",
"x_transferred"
],
"url": "https://vuldb.com/?id.259611"
},
{
"name": "VDB-259611 | CTI Indicators (IOB, IOC, IOA)",
"tags": [
"signature",
"permissions-required",
"x_transferred"
],
"url": "https://vuldb.com/?ctiid.259611"
},
{
"name": "Submit #307756 | QKSMS Android v3.9.4 Exposure of Backup File to an Unauthorized Control Sphere",
"tags": [
"third-party-advisory",
"x_transferred"
],
"url": "https://vuldb.com/?submit.307756"
},
{
"tags": [
"exploit",
"x_transferred"
],
"url": "https://github.com/moezbhatti/qksms"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"modules": [
"Backup File Handler"
],
"product": "QKSMS",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "3.9.0"
},
{
"status": "affected",
"version": "3.9.1"
},
{
"status": "affected",
"version": "3.9.2"
},
{
"status": "affected",
"version": "3.9.3"
},
{
"status": "affected",
"version": "3.9.4"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "reporter",
"value": "Affan (VulDB User)"
}
],
"descriptions": [
{
"lang": "en",
"value": "A vulnerability was found in QKSMS up to 3.9.4 on Android. It has been classified as problematic. This affects an unknown part of the file androidmanifest.xml of the component Backup File Handler. The manipulation leads to exposure of backup file to an unauthorized control sphere. It is possible to launch the attack on the physical device. The exploit has been disclosed to the public and may be used. The associated identifier of this vulnerability is VDB-259611. NOTE: The vendor was contacted early about this disclosure but did not respond in any way."
},
{
"lang": "de",
"value": "Es wurde eine Schwachstelle in QKSMS bis 3.9.4 f\u00fcr Android ausgemacht. Sie wurde als problematisch eingestuft. Hiervon betroffen ist ein unbekannter Codeblock der Datei androidmanifest.xml der Komponente Backup File Handler. Dank der Manipulation mit unbekannten Daten kann eine exposure of backup file to an unauthorized control sphere-Schwachstelle ausgenutzt werden. Ein Angriff setzt physischen Zugriff auf dem Zielobjekt voraus. Der Exploit steht zur \u00f6ffentlichen Verf\u00fcgung."
}
],
"metrics": [
{
"cvssV3_1": {
"baseScore": 2.4,
"baseSeverity": "LOW",
"vectorString": "CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N",
"version": "3.1"
}
},
{
"cvssV3_0": {
"baseScore": 2.4,
"baseSeverity": "LOW",
"vectorString": "CVSS:3.0/AV:P/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N",
"version": "3.0"
}
},
{
"cvssV2_0": {
"baseScore": 2.1,
"vectorString": "AV:L/AC:L/Au:N/C:P/I:N/A:N",
"version": "2.0"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-530",
"description": "CWE-530 Exposure of Backup File to an Unauthorized Control Sphere",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-04-07T22:00:05.626Z",
"orgId": "1af790b2-7ee1-4545-860a-a788eba489b5",
"shortName": "VulDB"
},
"references": [
{
"name": "VDB-259611 | QKSMS Backup File androidmanifest.xml backup",
"tags": [
"vdb-entry"
],
"url": "https://vuldb.com/?id.259611"
},
{
"name": "VDB-259611 | CTI Indicators (IOB, IOC, IOA)",
"tags": [
"signature",
"permissions-required"
],
"url": "https://vuldb.com/?ctiid.259611"
},
{
"name": "Submit #307756 | QKSMS Android v3.9.4 Exposure of Backup File to an Unauthorized Control Sphere",
"tags": [
"third-party-advisory"
],
"url": "https://vuldb.com/?submit.307756"
},
{
"tags": [
"exploit"
],
"url": "https://github.com/moezbhatti/qksms"
}
],
"timeline": [
{
"lang": "en",
"time": "2024-04-07T00:00:00.000Z",
"value": "Advisory disclosed"
},
{
"lang": "en",
"time": "2024-04-07T02:00:00.000Z",
"value": "VulDB entry created"
},
{
"lang": "en",
"time": "2024-04-07T08:19:02.000Z",
"value": "VulDB entry last update"
}
],
"title": "QKSMS Backup File androidmanifest.xml backup"
}
},
"cveMetadata": {
"assignerOrgId": "1af790b2-7ee1-4545-860a-a788eba489b5",
"assignerShortName": "VulDB",
"cveId": "CVE-2024-3430",
"datePublished": "2024-04-07T22:00:05.626Z",
"dateReserved": "2024-04-07T06:13:51.597Z",
"dateUpdated": "2024-08-01T20:12:06.925Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2025-3773 (GCVE-0-2025-3773)
Vulnerability from cvelistv5 – Published: 2025-06-26 11:11 – Updated: 2025-06-26 12:58
VLAI?
Summary
A sensitive information exposure vulnerability in System Information Reporter (SIR) 1.0.3 and prior allows an authenticated non-admin local user to extract sensitive information stored in a registry backup folder.
Severity ?
CWE
- CWE-530 - Exposure of Backup File to an Unauthorized Control Sphere
Assigner
References
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Trellix | System Information Reporter |
Affected:
1.0.3
|
Credits
NCIA researchers
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2025-3773",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-06-26T12:58:49.463927Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-06-26T12:58:54.131Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"platforms": [
"Windows"
],
"product": "System Information Reporter",
"vendor": "Trellix",
"versions": [
{
"status": "affected",
"version": "1.0.3"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "reporter",
"value": "NCIA researchers"
}
],
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "\u003cb\u003e\u003cspan style=\"background-color: transparent;\"\u003eA sensitive information exposure vulnerability in System Information Reporter (SIR) 1.0.3 and prior allows an authenticated non-admin local user to extract sensitive information stored in a registry backup folder. \u003c/span\u003e\u003c/b\u003e"
}
],
"value": "A sensitive information exposure vulnerability in System Information Reporter (SIR) 1.0.3 and prior allows an authenticated non-admin local user to extract sensitive information stored in a registry backup folder."
}
],
"impacts": [
{
"capecId": "CAPEC-37",
"descriptions": [
{
"lang": "en",
"value": "CAPEC-37 Retrieve Embedded Sensitive Data"
}
]
}
],
"metrics": [
{
"cvssV4_0": {
"Automatable": "NOT_DEFINED",
"Recovery": "NOT_DEFINED",
"Safety": "NOT_DEFINED",
"attackComplexity": "LOW",
"attackRequirements": "NONE",
"attackVector": "LOCAL",
"baseScore": 0,
"baseSeverity": "NONE",
"privilegesRequired": "NONE",
"providerUrgency": "NOT_DEFINED",
"subAvailabilityImpact": "NONE",
"subConfidentialityImpact": "NONE",
"subIntegrityImpact": "NONE",
"userInteraction": "NONE",
"valueDensity": "NOT_DEFINED",
"vectorString": "CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:N/SC:N/SI:N/SA:N",
"version": "4.0",
"vulnAvailabilityImpact": "NONE",
"vulnConfidentialityImpact": "NONE",
"vulnIntegrityImpact": "NONE",
"vulnerabilityResponseEffort": "NOT_DEFINED"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-530",
"description": "CWE-530: Exposure of Backup File to an Unauthorized Control Sphere",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-06-26T11:11:26.881Z",
"orgId": "01626437-bf8f-4d1c-912a-893b5eb04808",
"shortName": "trellix"
},
"references": [
{
"url": "https://thrive.trellix.com/s/article/000014635"
}
],
"source": {
"discovery": "UNKNOWN"
},
"x_generator": {
"engine": "Vulnogram 0.2.0"
}
}
},
"cveMetadata": {
"assignerOrgId": "01626437-bf8f-4d1c-912a-893b5eb04808",
"assignerShortName": "trellix",
"cveId": "CVE-2025-3773",
"datePublished": "2025-06-26T11:11:26.881Z",
"dateReserved": "2025-04-17T16:11:49.823Z",
"dateUpdated": "2025-06-26T12:58:54.131Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
Mitigation
Phase: Policy
Description:
- Recommendations include implementing a security policy within your organization that prohibits backing up web application source code in the webroot.
No CAPEC attack patterns related to this CWE.