CVE-2025-7889: Improper Export of Android Application Components in CallApp Caller ID App
A vulnerability was found in CallApp Caller ID App up to 2.0.4 on Android. It has been classified as problematic. Affected is an unknown function of the file AndroidManifest.xml of the component caller.id.phone.number.block. The manipulation leads to improper export of android application components. It is possible to launch the attack on the local host. The exploit has been disclosed to the public and may be used. The vendor was contacted early about this disclosure but did not respond in any way.
CVE-2025-7889: Improper Export of Android Application Components in CallApp Caller ID App
Description
A vulnerability was found in CallApp Caller ID App up to 2.0.4 on Android. It has been classified as problematic. Affected is an unknown function of the file AndroidManifest.xml of the component caller.id.phone.number.block. The manipulation leads to improper export of android application components. It is possible to launch the attack on the local host. The exploit has been disclosed to the public and may be used. The vendor was contacted early about this disclosure but did not respond in any way.
Technical Details
- Data Version
- 5.1
- Assigner Short Name
- VulDB
- Date Reserved
- 2025-07-19T10:46:57.537Z
- Cvss Version
- 4.0
- State
- PUBLISHED
Threat ID: 687ce891a83201eaac0277d7
Added to database: 7/20/2025, 1:01:05 PM
Last updated: 7/20/2025, 1:01:05 PM
Views: 1
Related Threats
CVE-2025-7890: Improper Export of Android Application Components in Dunamu StockPlus App
MediumCVE-2025-7888: SQL Injection in TDuckCloud tduck-platform
MediumCVE-2025-7886: SQL Injection in pmTicket Project-Management-Software
MediumCVE-2025-7887: Cross Site Scripting in Zavy86 WikiDocs
MediumCVE-2025-7885: Cross Site Scripting in Huashengdun WebSSH
MediumActions
Need enhanced features?
Contact root@offseq.com for Pro access with improved analysis and higher rate limits.