CVE-2025-65830

Name of the Vulnerable Software and Affected Versions Mobile application (affected versions not specified)

Description A missing certificate validation allows an attacker positioned upstream to intercept and decrypt TLS traffic from the mobile application. This interception enables the attacker to inspect and modify requests in transit, potentially leading to a full compromise of a user's account if authentication tokens are captured or the MD5 hash sent during login is cracked.

Recommendations At the moment, there is no information about a newer version that contains a fix for this vulnerability.