CVE-2025-9671: Improper Export of Android Application Components in UAB Paytend App
A weakness has been identified in UAB Paytend App up to 2.1.9 on Android. This impacts an unknown function of the file AndroidManifest.xml of the component com.passport.cash. Executing manipulation can lead to improper export of android application components. The attack needs to be launched locally. The exploit has been made available to the public and could be exploited. The vendor was contacted early about this disclosure but did not respond in any way.
CVE-2025-9671: Improper Export of Android Application Components in UAB Paytend App
Description
A weakness has been identified in UAB Paytend App up to 2.1.9 on Android. This impacts an unknown function of the file AndroidManifest.xml of the component com.passport.cash. Executing manipulation can lead to improper export of android application components. The attack needs to be launched locally. The exploit has been made available to the public and could be exploited. The vendor was contacted early about this disclosure but did not respond in any way.
Technical Details
- Data Version
- 5.1
- Assigner Short Name
- VulDB
- Date Reserved
- 2025-08-29T10:11:37.007Z
- Cvss Version
- 4.0
- State
- PUBLISHED
Threat ID: 68b203e4ad5a09ad007a8a7c
Added to database: 8/29/2025, 7:47:48 PM
Last updated: 8/29/2025, 7:47:48 PM
Views: 1
Related Threats
CVE-2025-56577: n/a
UnknownCVE-2025-9670: Inefficient Regular Expression Complexity in mixmark-io turndown
MediumCVE-2025-9669: SQL Injection in Jinher OA
MediumCVE-2025-43773: CWE-862 Missing Authorization in Liferay Portal
MediumCVE-2025-9667: SQL Injection in code-projects Simple Grading System
MediumActions
Need enhanced features?
Contact root@offseq.com for Pro access with improved analysis and higher rate limits.