Client Security Notice | Client Security Notice


Sharp Security revealed on October 30 a serious vulnerability in qBittorrent that has existed for more than 14 years. The vulnerability stems from the software's DownloadManager class, which has failed to verify the validity of SSL certificates since April 6, 2010, allowing any SSL certificate to pass through, providing an opportunity for attackers. Due to the unverified SSL certificate, attackers can perform man-in-the-middle attacks (MITM), intercept and tamper with traffic, thereby obtaining sensitive data or installing malicious code under the guise of legitimate downloads.

To resolve this issue, you can go to the official website to download the latest 5.0.1 version, or switch to alternatives such as Deluge or Transmission. Do not upgrade directly through the link provided in the client. This site now supports the latest version of the qBittorrent client and will remove support for older versions in the near future.


Sharp Security told us that a severe security bug exists on the old visions of qBittorrent.

To solve this problem, you may upgrade the the latest 5.0.1 vision through the official site , or use Deluge and Transmission, etc.. DO NOT upgrade through the link which is provided by your client. We've supported the latest version of qBittorrent and will ban old vision in the near future.


🎬 GPW Staff