CVE-2017-17763

Name of the Vulnerable Software and Affected Versions SuperBeam versions prior to 4.1.4

Description The issue concerns the lack of HTTPS or any integrity-protection mechanism for file transfer when using the LAN or WiFi Direct Share feature. This makes it easier for remote attackers to send crafted files. For example, it can be used for APK injection.

Recommendations For versions prior to 4.1.4, update to version 4.1.4 or later to resolve the issue. As a temporary workaround, consider avoiding the use of the LAN or WiFi Direct Share feature until a patch is applied. Restrict access to the file transfer functionality to minimize the risk of exploitation.