Resolved Improper Authentication Vulnerability in Qfile
- Release date: December 10, 2021
- Security ID: QSA-21-55
- Severity: Medium
- CVE identifier: CVE-2021-38688
- Affected products: Qfile for Android
- Status: Resolved
Summary
An improper authentication vulnerability has been reported to affect Android devices running Qfile. If exploited, this vulnerability allows attackers to compromise the app and access private information.
We have already fixed the vulnerability in the following versions of Qfile:
- Qfile 3.0.0.1105 and later for Android
Recommendation
To secure your device, we strongly recommend updating Qfile on your Android device to the latest version to benefit from vulnerability fixes.
Acknowledgements: Sajibe Kanti Sarkar
Revision History: V1.0 (December 10, 2021) - Published