Opensecurity: >> Mobile Security Framework >> 0.8.8.1 Security Vulnerabilities
Mobile Security Framework (MobSF) <=v3.7.8 Beta is vulnerable to Insecure Permissions. NOTE: the vendor's position is that authentication is intentionally not implemented because the product is not intended for an untrusted network environment. Use cases requiring authentication could, for example, use a reverse proxy server.
CVSS Score
7.5
EPSS Score
0.002
Published
2023-09-21
Mobile Security Framework (MobSF) v0.9.2 and below was discovered to contain a local file inclusion (LFI) vulnerability in the StaticAnalyzer/views.py script. This vulnerability allows attackers to read arbitrary files via a crafted HTTP request.
CVSS Score
7.5
EPSS Score
0.038
Published
2022-10-18
Page 2