CVE-2026-30280
Arbitrary File Overwrite in RAREPROB Video Player Enables Code Execution
Publication date: 2026-03-31
Last updated on: 2026-04-02
Assigner: MITRE
Meta Information
Affected Vendors & Products
| Vendor | Product | Version / Range |
|---|---|---|
| rareprob | video_player | 1.0.135 |
Exploitability
| CWE ID | Description |
|---|---|
| CWE-434 | The product allows the upload or transfer of dangerous file types that are automatically processed within its environment. |
AI Powered Q&A
How does this vulnerability affect compliance with common standards and regulations (like GDPR, HIPAA)?
The vulnerability allows attackers to overwrite critical internal files, potentially leading to arbitrary code execution or exposure of sensitive information.
Exposure of sensitive information due to this vulnerability could impact compliance with data protection regulations such as GDPR or HIPAA, which require safeguarding personal and sensitive data against unauthorized access or disclosure.
However, the provided information does not explicitly detail the types of data affected or specific compliance implications.
Can you explain this vulnerability to me?
CVE-2026-30280 is an arbitrary file overwrite vulnerability found in the "Video player - Play All Videos" Android app version 1.0.135 by RAREPROB SOLUTIONS PRIVATE LIMITED. The flaw exists in the file import process within the component com.kaisquare.location.MainActivity, where insufficient security validation allows an attacker to manipulate the filename and content of imported files.
By exploiting path traversal techniques, an attacker can overwrite critical internal files in the app's internal storage. This can happen automatically when the victim opens a malicious app crafted by the attacker.
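A hardened form of the import step described above, as an added example (not code from the affected app or its vendor): the file name that arrives with imported content is treated as untrusted, and the write target is resolved and checked to stay inside a dedicated import directory. The class, method and directory names are hypothetical, and the sample names are constructed.

```java
import java.io.File;
import java.io.IOException;

// Added example, not the affected app's code; all names here are hypothetical.
public final class SafeImport {

    // Maps an untrusted file name (supplied together with the imported content)
    // to a destination inside importDir, or throws if it could land elsewhere.
    static File resolveImportTarget(File importDir, String untrustedName) throws IOException {
        if (untrustedName == null || untrustedName.isEmpty()) {
            throw new IOException("empty file name");
        }
        // 1. Accept a bare file name only: no separators, no NUL, no "." or "..".
        if (untrustedName.indexOf('/') >= 0 || untrustedName.indexOf('\\') >= 0
                || untrustedName.indexOf('\0') >= 0
                || untrustedName.equals(".") || untrustedName.equals("..")) {
            throw new IOException("rejected file name");
        }
        // 2. Defense in depth: canonicalize (resolves ".." and symlinks) and
        //    confirm the result is still a direct child of the import directory.
        File base = importDir.getCanonicalFile();
        File target = new File(base, untrustedName).getCanonicalFile();
        if (!base.equals(target.getParentFile())) {
            throw new IOException("path escapes import directory");
        }
        return target;
    }

    public static void main(String[] args) throws IOException {
        // Constructed stand-in for a dedicated import directory; on Android this
        // would be a subdirectory of the app's internal files directory.
        File importDir = new File(System.getProperty("java.io.tmpdir"), "imports");
        importDir.mkdirs();
        // Constructed sample names, as a sending app might supply them.
        String[] names = {"holiday.mp4", "../shared_prefs/settings.xml", "a/../../lib/x.so", ".."};
        for (String name : names) {
            try {
                System.out.println(name + " -> " + resolveImportTarget(importDir, name));
            } catch (IOException e) {
                System.out.println(name + " -> rejected: " + e.getMessage());
            }
        }
    }
}
```

Only the first sample name is accepted. Keeping imports in their own directory also means an accepted name can never collide with the app's preferences, databases or native libraries.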
How can this vulnerability impact me?
This vulnerability can have severe impacts including arbitrary code execution, which means an attacker could run malicious code within the app's context.
It can also lead to exposure of sensitive information stored within the app, denial of service conditions, app malfunction, or even failure to launch the app.
The attack requires no complex user interaction and can be triggered automatically, increasing the risk of exploitation.
How can this vulnerability be detected on my network or system? Can you suggest some commands?
This vulnerability involves an arbitrary file overwrite via the file import process in the Video player - Play All Videos app. Detection would focus on monitoring for suspicious file import activities or unexpected modifications to internal app files.
Since the vulnerability exploits path traversal during file import, one detection approach is to monitor the app's internal storage for unexpected or unauthorized file changes.
Specific commands or tools are not provided in the available resources. However, general detection methods could include:
- Using file integrity monitoring tools to detect changes in the app's internal storage directories.
- Monitoring Android logs (logcat) for unusual activity related to the component com.kaisquare.location.MainActivity.
- Checking for installation or execution of suspicious apps that might exploit this vulnerability.
What immediate steps should I take to mitigate this vulnerability?
Immediate mitigation steps are not explicitly detailed in the provided resources.
However, based on the nature of the vulnerability, recommended actions include:
- Avoid using or importing files from untrusted sources in the affected app.
- Uninstall or disable the vulnerable version (1.0.135) of the Video player - Play All Videos app until a patch or update is available.
- Monitor for updates or patches from RAREPROB SOLUTIONS PRIVATE LIMITED addressing this vulnerability.
- Restrict installation of unknown or suspicious apps that could exploit this vulnerability.