cvedb.io
CVE-2017-11706
HIGH · CVSS 7.5
EPSS exploitation probability: 0%
Published 2017-07-28T05:29:00.777 · Last modified 2026-06-17T01:02:14.263

Summary

The Boozt Fashion application before 2.3.4 for Android allows remote attackers to read login credentials by sniffing the network and leveraging the lack of SSL. NOTE: the vendor response, before the application was changed to enable SSL logins, was "At the moment that is an accepted risk. We only have https on the checkout part of the site."

Affected products

boozt — boozt

Does this affect you?

Add your gear to cvedb and we'll alert you only when boozt ships something exploited.

Check my exposure →

References

This product uses data from the NVD API but is not endorsed or certified by the NVD. Informational only; not professional security advice.