Medium Published: Dec 15, 2025

CVE-2025-14698

4.4 CVSS Score Medium

Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:L

Export CVE-2025-14698 Data:

Link copied!

Description

A weakness has been identified in atlaszz AI Photo Team Galleryit App 1.3.8.2 on Android. This affects an unknown part of the component gallery.photogallery.pictures.vault.album. This manipulation causes path traversal. The attack needs to be launched locally. The exploit has been made available to the public and could be exploited. The vendor was contacted early about this disclosure but did not respond in any way.

CVSS Vector Details

Attack Vector Local

Attack Complexity Low

Privileges Required Low

User Interaction None

Scope Unchanged

Confidentiality None

Integrity Low

Availability Low

Weaknesses (CWE)

CWE-22

References & External Links

https://github.com/Secsys-FDU/AF_CVEs/issues/2
https://vuldb.com/?ctiid.336416
https://vuldb.com/?id.336416
https://vuldb.com/?submit.706213

External Resources

NVD Official Record Exploit-DB Search Exploits CVE Details Statistics GitHub PoC / Tools X / Twitter Discussions Google Search More

← Back to CVE Tracker