Lobby
Monthly
Improper export of Android application components in Lobby Universe Lobby App versions 2.0 through 2.8.0 allows local attackers with user-level privileges to access sensitive functionality via the com.maverick.lobby component. The vulnerability stems from AndroidManifest.xml misconfiguration that exposes internal application activities without proper permission protection, enabling local privilege escalation or information disclosure. Publicly available exploit code exists, though exploitation requires local device access and authenticated user privileges.
Improper export of Android application components in Lobby Universe Lobby App versions 2.0 through 2.8.0 allows local attackers with user-level privileges to access sensitive functionality via the com.maverick.lobby component. The vulnerability stems from AndroidManifest.xml misconfiguration that exposes internal application activities without proper permission protection, enabling local privilege escalation or information disclosure. Publicly available exploit code exists, though exploitation requires local device access and authenticated user privileges.