The app manufacturers of standard electronic messaging app Go SMS pro haven’t taken any action to repair the vulnerability since they were hip regarding it in August, per researchers WHO found the flaw within the app. Sensitive media of users will simply be accessed by anyone with none authentication or authorization.
Popular electronic messaging app Go SMS pro is leaky sensitive media changed between users of the app, per an exploration by Trustwave. The vulnerable media of users embody personal voice messages, video messages, and photos. The event was initial rumored by TechCrunch WHO verified Trust wave’s analysis. TechCrunch found a person’s signaling, a screenshot of a bank transfer, associate order confirmation together with a home address, associate arrest record, and express photos whereas viewing links shared through the Go SMS pro app.
According to the report, Trustwave’s researchers discovered the blemished Go SMS Pro’s app in August and hip the app-maker to repair them. However, even once the quality 90-day point in time since August eighteen, 2020 to repair the problem, the app maker “has done nothing to repair the bug.” once the point in time, the researchers announce regarding the app flaws publicly.
Goss pro is alleged to possess one hundred million downloads on Google Play Store and was discovered to in public expose media transferred between users of the app.
As per reports, users WHO don’t have the app received URLs via SMS if any messages were sent to them exploitation the app. Users had to click on this address to access the message that might open on a browser. Per an exploration by Spider Labs, anybody with none authentication or authorization, who had access to the address might open it and find access to sensitive media shared between users.
The analysis more explicit that address link was serial (hexadecimal) and inevitable which whereas sharing media files, a link was generated no matter the recipient having the app or not.
This clearly impacts the confidentiality of media content sent via this application,” notes the analysis. The analysis more warns users to avoid causing personal media files which will contain sensitive information until the seller acknowledges and fixes the vulnerability.