← volver
CVE-2021-32612

CVE-2021-32612

EPSS 1.1%
The VeryFitPro (com.veryfit2hr.second) application 3.2.8 for Android does all communication with the backend API over cleartext HTTP. This includes logins, registrations, and password change requests. This allows information theft and account takeover via network sniffing.
Productos afectados
n/a · n/a

¿Quieres saber si tu infraestructura está expuesta a esto?

Hablar con TrueHacking →
Referencias
http://seclists.org/fulldisclosure/2021/Jun/45https://play.google.com/store/apps/details?id=com.veryfit2hr.second&hl=en_US&gl=UShttps://trovent.github.io/security-advisories/TRSA-2105-01/TRSA-2105-01.txthttps://trovent.io/security-advisory-2105-01