Vulnerability Description
A vulnerability was found in Huuge Box App 1.0.3 on Android. It has been classified as problematic. This affects an unknown part of the file AndroidManifest.xml of the component com.huuge.game.zjbox. The manipulation leads to improper export of android application components. Local access is required to approach this attack. The exploit has been disclosed to the public and may be used.
CVSS Score
MEDIUM
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Huuugegames | Huuge Box | 1.0.3 |
Related Weaknesses (CWE)
References
- https://github.com/KMov-g/androidapps/blob/main/com.huuge.game.zjbox.mdExploitThird Party Advisory
- https://github.com/KMov-g/androidapps/blob/main/com.huuge.game.zjbox.md#steps-toExploitThird Party Advisory
- https://vuldb.com/?ctiid.319137Permissions RequiredVDB Entry
- https://vuldb.com/?id.319137Third Party AdvisoryVDB Entry
- https://vuldb.com/?submit.619858Third Party AdvisoryVDB Entry
- https://github.com/KMov-g/androidapps/blob/main/com.huuge.game.zjbox.mdExploitThird Party Advisory
- https://github.com/KMov-g/androidapps/blob/main/com.huuge.game.zjbox.md#steps-toExploitThird Party Advisory
FAQ
What is CVE-2025-8707?
CVE-2025-8707 is a vulnerability with a CVSS score of 5.3 (MEDIUM). A vulnerability was found in Huuge Box App 1.0.3 on Android. It has been classified as problematic. This affects an unknown part of the file AndroidManifest.xml of the component com.huuge.game.zjbox. ...
How severe is CVE-2025-8707?
CVE-2025-8707 has been rated MEDIUM with a CVSS base score of 5.3/10. Review the CVSS metrics above for detailed severity breakdown.
Is there a patch for CVE-2025-8707?
Check the references section above for vendor advisories and patch information. Affected products include: Huuugegames Huuge Box.