Security ID : QSA-21-55
Improper Authentication Vulnerability in Qfile
Release date : December 10, 2021
CVE identifier : CVE-2021-38688
Affected products: Qfile for Android
Severity
Moderate
Status
Resolved
Summary
An improper authentication vulnerability has been reported to affect Android devices running Qfile. If exploited, this vulnerability allows attackers to compromise the app and access private information.
We have already fixed the vulnerability in the following versions of Qfile:
- Qfile 3.0.0.1105 and later for Android
Recommendation
To secure your device, we strongly recommend updating Qfile on your Android device to the latest version to benefit from vulnerability fixes.
Acknowledgements: Sajibe Kanti Sarkar
Revision History: V1.0 (December 10, 2021) - Published
