CVE Vulnerabilities

CVE-2026-12960

Improper Export of Android Application Components

Published: Jul 03, 2026 | Modified: Jul 03, 2026
CVSS 3.x
N/A
Source:
NVD
CVSS 2.x
RedHat/V2
RedHat/V3
Ubuntu
root.io logo minimus.io logo echo.ai logo

An Improper Export of Android Application Components vulnerability in ASUS Router App allows a third-party application on the same device to send a crafted Intent that causes ASUS Router App to open an specified URL. Refer to the Security Update for ASUS Router Android AppĀ  section on the ASUS Security Advisory for more information.

Weakness

The Android application exports a component for use by other applications, but does not properly restrict which applications can launch the component or access the data it contains.

Extended Description

The attacks and consequences of improperly exporting a component may depend on the exported component:

Potential Mitigations

References