Huawei AppGallery Bug allows you to install paid apps for free
AppGallery, Huawei’s Android app store, has suffered a serious security breach. By exploiting the vulnerability, it is possible to install paid applications for free. Despite the warnings received, Huawei has not yet remedied the breach.
An error has just been discovered in AppGallery, Huawei’s Android application store. According to Dylan Roussel, a French developer, the vulnerability allows a user to install free paid Android apps on their smartphone. Like the Google Play Store, AppGallery contains both free apps and paid apps. In a blog post, the developer explains that came across this hole by chance curious about how the Huawei store works. Digging gave the developer a download link among other information related to an application.
Huawei is slow to fix the error
By clicking on this download link, he was able to install the application he was studying. It was a free app, so the expert worked the same way with a paid premium app. “This time I tried 3 different apps. Or rather, 2 other applications and 1 game. I was able to use the applications successfully,” explains Dylan Roussel on his blog, noting that the game had license verification at launch, which hindered its use. “It shouldn’t be possible to download paid apps for free without any verification or anything.
Although I do not know at this time whether the vulnerability has been actively used, in that case the developers and Huawei could both lose part of their income,” the expert warns. After his discovery, the developer therefore contacted Huawei. The Chinese group has determined to correct the situation as soon as possible and asks its correspondent to remain silent for the time being. The developer gave Huawei 5 weeks to fix the flaw.
After finally waiting 13 weeks, Dylan Roussel decided to disclose the existence of the infringement. The expert makes sure that the error still yawns, despite the warnings sent to the manufacturer. Developers who use Huawei’s services were also not informed, the developer laments, hoping Huawei will act quickly.
Research Snipers is currently covering all technology news including Google, Apple, Android, Xiaomi, Huawei, Samsung News, and More. Research Snipers has decade of experience in breaking technology news, covering latest trends in tech news, and recent developments.
