AppGallery lets you download paid apps for free

A developer from France discovered an unpleasant vulnerability for him - and pleasant for many others - in Huawei

AppGallery.While researching the Chinese app store API, he discovered that the server passes to the client (whether it is a Huawei AppGallery app or a person manually requesting data) a link to download the application, regardless of whether it is free or paid, whether the user has purchased it or not. These links also do not contain any verification, and by clicking on them you can download the .apk file, even if the application has not been purchased. Of course, you can install this .apk file and use the application as if you had purchased it.

The developer who discovered the problem reported itHuawei back in mid-February. And he did it exactly as recommended by the company - by encrypted e-mail, after which he received a response in the form of an unencrypted letter containing the text of the original letter. The disregard for security did not stop there: the company asked not to publish information for 5 weeks to fix the problem, but did not fix it in 5 weeks or three months, and stopped responding to the developer's letters.

After that, the developer published information aboutvulnerability, however incomplete: he did not specify which API returns links so inaccurately, and its detection is the most difficult task. Thus, without special knowledge, exploiting the vulnerability will be quite difficult. However, even such a semi-publication of the vulnerability had an effect on Huawei: the very next day, the company began to distribute the update patch, promising to complete the process by May 25.

    © Ilya Nerybov.

    Sourced from https://evowizz.dev/