NordVPN: Hard-coded API keys at NordVpn Android App

2020-02-11T00:42:03
ID H1:792850
Type hackerone
Reporter n33dm0n3y
Modified 2020-03-27T10:50:58

Description

Hello NordVpn,

APK Version : 4.6.2 API'S at res/values/strings.xml

>Google >google_api_key = AIzaSyBySEqk7_WWee9bxpw5BM1eJeUx1TWdH_E Stripe >stripe_publishable_api_key = pk_live_j1Mt911wyZwAhATA9TYdA8q2

Referance; >https://stripe.com/docs/keys

Impact

Cleartext Storage of Sensitive Information