Apk-Parser2 is vulnerable to man-in-the-middle (MitM) attack. This is possible because it does not prevent downloading of executables via HTTP if the attacker is on the network or positioned in between the user and the remote server. Consequently, it may potentially cause remote code execution (RCE) by swapping out the requested binary with an attacker controlled binary.
CPE | Name | Operator | Version |
---|---|---|---|
apk-parser2 | le | 0.1.1 |