cvedb.io
CVE-2021-32612
HIGH · CVSS 8.1
EPSS exploitation probability: 0%
Published 2021-06-16T12:15:12.727 · Last modified 2026-06-17T03:53:16.263

Summary

The VeryFitPro (com.veryfit2hr.second) application 3.2.8 for Android does all communication with the backend API over cleartext HTTP. This includes logins, registrations, and password change requests. This allows information theft and account takeover via network sniffing.

Affected products

i-doo — veryfitpro

Does this affect you?

Add your gear to cvedb and we'll alert you only when i-doo ships something exploited.

Check my exposure →

References

This product uses data from the NVD API but is not endorsed or certified by the NVD. Informational only; not professional security advice.