Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
Yeelink Yeelight App com.yeelight.cherry AndroidManifest.xml improper export of android application components
Vulnerability Description
A vulnerability was found in Yeelink Yeelight App up to 3.5.4 on Android. It has been classified as problematic. Affected is an unknown function of the file AndroidManifest.xml of the component com.yeelight.cherry. The manipulation leads to improper export of android application components. Attacking locally is a requirement. The exploit has been disclosed to the public and may be used. The vendor was contacted early about this disclosure but did not respond in any way.
CVSS Information
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L
Vulnerability Type
CWE-926
Vulnerability Title
Yeelight App 安全漏洞
Vulnerability Description
Yeelight App是中国Yeelight公司的一款用于控制智能照明产品的应用程序。 Yeelight App 3.5.4及之前版本存在安全漏洞,该漏洞源于文件AndroidManifest.xml导致安卓组件导出不当。
CVSS Information
N/A
Vulnerability Type
N/A