Hard-coded API Key Vulnerability in Retty App for Android and iOS

Hard-coded API Key Vulnerability in Retty App for Android and iOS

CVE-2021-20748 · HIGH Severity

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N

Retty App for Android versions prior to 4.8.13 and Retty App for iOS versions prior to 4.11.14 uses a hard-coded API key for an external service. By exploiting this vulnerability, API key for an external service may be obtained by analyzing data in the app.

Learn more about our Cis Benchmark Audit For Apple Ios.