PT-2025-30193 · Dunamu · Stockplus App
Fxizenta
·
Published
2025-07-20
·
Updated
2025-12-03
·
CVE-2025-7890
CVSS v3.1
5.5
Medium
| Vector | AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N |
Name of the Vulnerable Software and Affected Versions
Dunamu StockPlus App versions up to 7.62.10
Description
A vulnerability exists in Dunamu StockPlus App on Android. The issue involves improper export of android application components due to manipulation of an unknown functionality within the
AndroidManifest.xml file of the com.dunamu.stockplus component. The attack requires local access. The exploit is publicly available. The vendor was notified but did not respond.Recommendations
Update Dunamu StockPlus App to a version newer than 7.62.10.
Exploit
Fix
LPE
Found an issue in the description? Have something to add? Feel free to write us 👾
Weakness Enumeration
Related Identifiers
Affected Products
Stockplus App