CVE-2025-13876: Rareprob HD Video Player Flaw Exposes Android Devices to Local Path Traversal

Overview

CVE-2025-13876 is a medium-severity security vulnerability affecting the Rareprob HD Video Player All Formats App version 12.1.372 on Android. It allows a local attacker to perform path traversal, potentially leading to unauthorized file access or manipulation. The vendor was notified but has not responded. Exploit code for this vulnerability is publicly available, which increases the risk of exploitation.

Technical Details

The vulnerability resides within an unknown function of the com.rocks.music.videoplayer component of the Rareprob HD Video Player All Formats App. By manipulating input, an attacker can bypass intended security restrictions and traverse the file system. The specific attack vector involves crafting a malicious file path that allows the attacker to access files outside of the application’s intended directory. This path traversal vulnerability allows for arbitrary file overwrite.

While the attack requires local access, the ease of exploitation due to the publicly available exploit code makes it a significant concern.
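The pattern the advisory describes, and the check that closes it, as an added illustration; this is not code from the Rareprob app (the affected function is not public). An untrusted file name is joined to the app's private directory without validation, beside the version that canonicalizes the result and requires it to stay under the base directory. The class name SafePathResolver and the choice of getFilesDir() as the base directory are assumptions.

```java
import java.io.File;
import java.io.IOException;

// Added example, not the vendor's code: contrasts an unchecked join
// (traversal possible) with a canonicalize-then-contain check.
public final class SafePathResolver {

    // Assumed base: the directory the app is meant to write into,
    // e.g. context.getFilesDir() on Android. Canonicalized once so the
    // containment check below compares like with like.
    private final File baseDir;

    public SafePathResolver(File baseDir) throws IOException {
        this.baseDir = baseDir.getCanonicalFile();
    }

    // VULNERABLE: a name taken from an Intent extra, a content:// URI or a
    // playlist entry is joined directly, so "../../shared_prefs/x.xml"
    // resolves outside baseDir and a later write overwrites that file.
    public File resolveUnsafe(String untrustedName) {
        return new File(baseDir, untrustedName);
    }

    // HARDENED: getCanonicalFile() collapses "." and ".." and follows
    // symlinks; the result must then start with baseDir plus a separator.
    // The separator matters: "/data/app-evil" starts with "/data/app".
    // A name that resolves to baseDir itself is rejected too, since it is
    // not a file target.
    public File resolveSafe(String untrustedName) throws IOException {
        File candidate = new File(baseDir, untrustedName).getCanonicalFile();
        String basePrefix = baseDir.getPath() + File.separator;
        if (!candidate.getPath().startsWith(basePrefix)) {
            throw new SecurityException("path escapes base dir: " + untrustedName);
        }
        return candidate;
    }

    // Stand-alone demo using a temporary directory as the base.
    public static void main(String[] args) throws IOException {
        File tmp = java.nio.file.Files.createTempDirectory("app-files").toFile();
        SafePathResolver r = new SafePathResolver(tmp);
        System.out.println("unsafe: " + r.resolveUnsafe("../escaped.txt")); // outside tmp
        System.out.println("safe:   " + r.resolveSafe("videos/clip.mp4"));  // inside tmp
        try {
            r.resolveSafe("../escaped.txt");
        } catch (SecurityException e) {
            System.out.println("rejected: " + e.getMessage());
        }
    }
}
```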

CVSS Analysis

The Common Vulnerability Scoring System (CVSS) assigns a score of 5.3 to CVE-2025-13876, indicating a MEDIUM severity. The CVSS vector is likely AV:L/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:N (assuming a typical local path traversal scenario).

  • Attack Vector (AV): Local (L)
  • Attack Complexity (AC): Low (L)
  • Privileges Required (PR): None (N) (Though local access is required)
  • User Interaction (UI): Required (R) (User must install the malicious application)
  • Scope (S): Unchanged (U)
  • Confidentiality Impact (C): Low (L)
  • Integrity Impact (I): Low (L)
  • Availability Impact (A): None (N)

Possible Impact

A successful path traversal attack could lead to the following consequences:

  • Unauthorized File Access: An attacker could read sensitive files stored on the device, potentially exposing personal data, application settings, or other confidential information.
  • File Overwrite: As the analysis reports, the attacker can overwrite arbitrary files. This can lead to app malfunction or malicious file injection.
  • Data Corruption: By overwriting critical application files, an attacker could corrupt the application’s data or functionality.
  • Privilege Escalation (Potential): In some scenarios, if the overwritten file is used by another application, privilege escalation could be possible, although less likely in this specific case.

Mitigation or Patch Steps

Unfortunately, since the vendor has not responded to the disclosure, a patch is currently unavailable. Users of the Rareprob HD Video Player All Formats App version 12.1.372 are advised to take the following precautions:

  • Uninstall the App: The most effective mitigation is to uninstall the vulnerable application.
  • Exercise Caution: Be extremely cautious when opening files or interacting with the app if you choose to keep it installed.
  • Monitor App Permissions: Regularly review the app’s permissions and revoke any unnecessary or suspicious permissions.
  • Use a Security App: Consider using a reputable mobile security app to detect and prevent potential exploits.
  • Consider Alternative Players: Switch to a different video player application from a reputable developer that receives regular security updates.

We strongly recommend contacting the app developer and urging them to address this vulnerability. Once a patch is available, promptly update the application.

About the Author

Cybersecurity specialist and founder of Gowri Shankar Infosec - a professional blog dedicated to sharing actionable insights on cybersecurity, data protection, server administration, and compliance frameworks including SOC 2, PCI DSS, and GDPR.
