A vulnerability classified as problematic was found in Musicshelf 1.0/1.1 on Android. Affected by this vulnerability is an unknown functionality of the file iofabricsdkandroidservicesnetworkPinningTrustManager.java of the component SHA-1 Handler. The manipulation leads to password hash with insufficient computational effort.
This vulnerability is known as CVE-2024-2365. It is possible to launch the attack on the physical device. Furthermore, there is an exploit available.