CVE-2024-51774
CVSS 3.1 Score 8.1 of 10 (high)
Details
Published Nov 2, 2024
Updated: Nov 6, 2024
CWE ID 295
Summary
CVE-2024-51774 is a vulnerability affecting qBittorrent versions prior to 5.0.1. The issue lies in the software's handling of HTTPS URLs. Despite encountering certificate validation errors, qBittorrent continues to process these URLs using an insecure connection. This can potentially expose users to man-in-the-middle attacks, where an attacker can intercept and modify the data being transmitted between the user and the server. It is essential that users upgrade to the latest version of qBittorrent to mitigate this risk.
Prevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.
Share
Affected Products
- Qbittorrent
Affected Vendors
- Qbittorrent