CVE-2024-51774

CVSS 3.1 Score 8.1 of 10 (high)

Details

Published Nov 2, 2024

Updated: Nov 6, 2024

CWE ID 295

Summary

CVE-2024-51774 is a vulnerability affecting qBittorrent versions prior to 5.0.1. The issue lies in the software's handling of HTTPS URLs. Despite encountering certificate validation errors, qBittorrent continues to process these URLs using an insecure connection. This can potentially expose users to man-in-the-middle attacks, where an attacker can intercept and modify the data being transmitted between the user and the server. It is essential that users upgrade to the latest version of qBittorrent to mitigate this risk.

Prevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.

Qbittorrent

Affected Vendors

Qbittorrent

Advisories, Assessments, and Mitigations

https://app.recordedfuture.com/live/sc/entity/0HI6Di
https://www.cve.org/CVERecord?id=CVE-2024-51774
https://nvd.nist.gov/vuln/detail/CVE-2024-51774

Back to Vulnerability Database