PT-2025-44421 · Adforest · Adforest
Published
2025-10-30
·
Updated
2025-10-30
·
CVE-2025-61116
CVSS v3.1
7.5
High
| Vector | AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N |
Name of the Vulnerable Software and Affected Versions
AdForest - Classified Android App version 4.0.12
Description
The AdForest - Classified Android App has an issue with how it controls access during authentication. The application utilizes a Base64-encoded email address as an authorization credential. This method can be exploited by attackers to gain unauthorized access to user accounts. Successful exploitation may lead to account compromise and privacy breaches. The vulnerable parameter is the Base64-encoded email address used for authorization.
Recommendations
Update to a newer version that addresses the improper access control in the authentication mechanism.
Fix
Improper Access Control
Found an issue in the description? Have something to add? Feel free to write us 👾
Weakness Enumeration
Related Identifiers
Affected Products
Adforest