Cryptographic Vulnerability in SourceCodester Corona Virus Tracker App for Android
CVE-2025-56608

4.2MEDIUM

Key Information:

Vendor: SourceCodester
Status: Corona Virus Tracker App India
Vendor: CVE Published:; 3 September 2025

🔔 Create SourceCodester Vulnerability Alert

What is CVE-2025-56608?

The SourceCodester Corona Virus Tracker App India version 1.0 utilizes an outdated cryptographic algorithm, MD5, for digest authentication. This implementation is susceptible to various attacks, including replay, spoofing, and brute-force, due to the inherent weaknesses in MD5, which is known for its vulnerability to hash collisions. As a result, unauthorized access may be gained, exposing sensitive user data. This vulnerability is classified under CWE-327 and aligns with OWASP M5 concerning insufficient cryptography practices. Ensuring the use of secure and updated cryptographic standards is critical for protecting user credentials.

References

https://www.sourcecodester.com/android/14292/android-coro...

https://github.com/MobSF/owasp-mstg/blob/master/Document/...

https://github.com/anonaninda/Aninda-security-advisories/...

CVSS V3.1

Score:

4.2

Severity:

MEDIUM

Confidentiality:

Low

Integrity:

Low

Availability:

Low

Attack Vector:

Network

Attack Complexity:

High

Privileges Required:

None

User Interaction:

Required

Scope:

Unchanged

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
Sep 3, 2025
Vulnerability Reserved
Aug 17, 2025