VDB-321887 · CVE-2025-9675 · GCVE-100-321887

Voice Changer App ଯେପର୍ଯ୍ୟନ୍ତ 1.1.0 com.tuyangkeji.changevoice AndroidManifest.xml Local Privilege Escalation

Rakkoon nageenyaa kan ସମସ୍ୟାଜନକ jedhamuun beekamu Voice Changer App ଯେପର୍ଯ୍ୟନ୍ତ 1.1.0 keessatti argameera. Miidhamni argame is hojii hin beekamne faayilii AndroidManifest.xml keessa kutaa com.tuyangkeji.changevoice keessa. Wanti jijjiirame gara Local Privilege Escalation geessa. Rakkoo ibsuuf CWE yoo fayyadamte gara CWE-926 si geessa. Odeeffannoon kun yeroo 08/29/2025 maxxanfameera. Odeeffannoon kun buufachuuf github.com irratti argama. Dogoggorri kun CVE-2025-9675 jedhamee waamama. Weerara sun naannoo keessaatti qofa raawwatamuu qaba. Ibsa teeknikaa ni jira. Waan dabalataa ta’een, meeshaa balaa kana fayyadamuuf ni jira. Qorannoo miidhaa (exploit) uummataaf ifa taasifameera, kanaafis fayyadamuu ni danda'ama. Ammas, gatii exploit might be approx. USD $0-$5k yeroo ammaa irratti argamuu danda'a. ପ୍ରୁଫ୍-ଅଫ୍-କନ୍ସେପ୍ଟ ta’uu isaa ibsameera. Exploit github.com irraa buufachuun ni danda'ama. Akka 0-daytti, gatiin isaa daldala dhoksaa keessatti $0-$5k akka ta'e tilmaamameera. If you want to get the best quality for vulnerability data then you always have to consider VulDB.

3 ଆଡାପ୍ଟେସନ୍ · 95 ପଏଣ୍ଟ

ଫିଲ୍ଡ	ସୃଷ୍ଟି ହୋଇଛି 08/29/2025 12:30 PM	ଅଦ୍ୟତନ 1/2 08/30/2025 08:24 AM	ଅଦ୍ୟତନ 2/2 09/08/2025 06:34 PM
software_name	Voice Changer App	Voice Changer App	Voice Changer App
software_version	<=1.1.0	<=1.1.0	<=1.1.0
software_component	com.tuyangkeji.changevoice	com.tuyangkeji.changevoice	com.tuyangkeji.changevoice
software_file	AndroidManifest.xml	AndroidManifest.xml	AndroidManifest.xml
vulnerability_cwe	CWE-926	CWE-926	CWE-926
vulnerability_risk	1	1	1
cvss3_vuldb_av	L	L	L
cvss3_vuldb_ac	L	L	L
cvss3_vuldb_pr	L	L	L
cvss3_vuldb_ui	N	N	N
cvss3_vuldb_s	U	U	U
cvss3_vuldb_c	L	L	L
cvss3_vuldb_i	L	L	L
cvss3_vuldb_a	L	L	L
cvss3_vuldb_e	P	P	P
cvss3_vuldb_rc	R	R	R
advisory_url	https://github.com/KMov-g/androidapps/blob/main/com.tuyangkeji.changevoice.md	https://github.com/KMov-g/androidapps/blob/main/com.tuyangkeji.changevoice.md	https://github.com/KMov-g/androidapps/blob/main/com.tuyangkeji.changevoice.md
exploit_availability	1	1	1
exploit_publicity	1	1	1
exploit_url	https://github.com/KMov-g/androidapps/blob/main/com.tuyangkeji.changevoice.md#steps-to-reproduce	https://github.com/KMov-g/androidapps/blob/main/com.tuyangkeji.changevoice.md#steps-to-reproduce	https://github.com/KMov-g/androidapps/blob/main/com.tuyangkeji.changevoice.md#steps-to-reproduce
source_cve	CVE-2025-9675	CVE-2025-9675	CVE-2025-9675
cna_responsible	VulDB	VulDB	VulDB
cvss2_vuldb_av	L	L	L
cvss2_vuldb_ac	L	L	L
cvss2_vuldb_ci	P	P	P
cvss2_vuldb_ii	P	P	P
cvss2_vuldb_ai	P	P	P
cvss2_vuldb_e	POC	POC	POC
cvss2_vuldb_rc	UR	UR	UR
cvss4_vuldb_av	L	L	L
cvss4_vuldb_ac	L	L	L
cvss4_vuldb_pr	L	L	L
cvss4_vuldb_ui	N	N	N
cvss4_vuldb_vc	L	L	L
cvss4_vuldb_vi	L	L	L
cvss4_vuldb_va	L	L	L
cvss4_vuldb_e	P	P	P
cvss2_vuldb_au	S	S	S
cvss2_vuldb_rl	ND	ND	ND
cvss3_vuldb_rl	X	X	X
cvss4_vuldb_at	N	N	N
cvss4_vuldb_sc	N	N	N
cvss4_vuldb_si	N	N	N
cvss4_vuldb_sa	N	N	N
cvss2_vuldb_basescore	4.3	4.3	4.3
cvss2_vuldb_tempscore	3.7	3.7	3.7
cvss3_vuldb_basescore	5.3	5.3	5.3
cvss3_vuldb_tempscore	4.8	4.8	4.8
cvss3_meta_basescore	5.3	5.3	5.4
cvss3_meta_tempscore	4.8	5.0	5.2
cvss4_vuldb_bscore	4.8	4.8	4.8
cvss4_vuldb_btscore	1.9	1.9	1.9
advisory_date	1756418400 (08/29/2025)	1756418400 (08/29/2025)	1756418400 (08/29/2025)
price_0day	$0-$5k	$0-$5k	$0-$5k
cve_nvd_summary		A vulnerability was determined in Voice Changer App up to 1.1.0. This issue affects some unknown processing of the file AndroidManifest.xml of the component com.tuyangkeji.changevoice. Executing manipulation can lead to improper export of android application components. It is possible to launch the attack on the local host. The exploit has been publicly disclosed and may be utilized.	A vulnerability was determined in Voice Changer App up to 1.1.0. This issue affects some unknown processing of the file AndroidManifest.xml of the component com.tuyangkeji.changevoice. Executing manipulation can lead to improper export of android application components. It is possible to launch the attack on the local host. The exploit has been publicly disclosed and may be utilized.
cvss4_cna_av		L	L
cvss4_cna_ac		L	L
cvss4_cna_at		N	N
cvss4_cna_pr		L	L
cvss4_cna_ui		N	N
cvss4_cna_vc		L	L
cvss4_cna_vi		L	L
cvss4_cna_va		L	L
cvss4_cna_sc		N	N
cvss4_cna_si		N	N
cvss4_cna_sa		N	N
cvss4_cna_bscore		4.8	4.8
cvss3_cna_av		L	L
cvss3_cna_ac		L	L
cvss3_cna_pr		L	L
cvss3_cna_ui		N	N
cvss3_cna_s		U	U
cvss3_cna_c		L	L
cvss3_cna_i		L	L
cvss3_cna_a		L	L
cvss3_cna_basescore		5.3	5.3
cvss2_cna_av		L	L
cvss2_cna_ac		L	L
cvss2_cna_au		S	S
cvss2_cna_ci		P	P
cvss2_cna_ii		P	P
cvss2_cna_ai		P	P
cvss2_cna_basescore		4.3	4.3
cvss3_nvd_av			L
cvss3_nvd_ac			L
cvss3_nvd_pr			L
cvss3_nvd_ui			N
cvss3_nvd_s			U
cvss3_nvd_c			H
cvss3_nvd_i			N
cvss3_nvd_a			N
cvss3_nvd_basescore			5.5

◂ ପଛକୁ ସମୀକ୍ଷା ଆହୁରି ଦୂରରେ ▸

Might our Artificial Intelligence support you?

Check our Alexa App!