CVE-2025-56608

Name of the Vulnerable Software and Affected Versions Corona Virus Tracker App India version 1.0

Description The Android application uses MD5 for digest authentication. The handleDigest() function utilizes MessageDigest.getInstance("MD5") to hash credentials. MD5 is a cryptographic algorithm susceptible to hash collisions, potentially enabling replay, spoofing, or brute-force attacks, which could lead to unauthorized access.

Recommendations version 1.0: Replace MD5 with a stronger cryptographic hash function for authentication. Consider using SHA-256 or a similar modern algorithm.