Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
osvGoogleOSV:GHSA-F42P-VC8P-7X54
HistoryOct 18, 2022 - 7:00 p.m.

MobSF allows attackers to read arbitrary files via a crafted HTTP request

2022-10-1819:00:33
Google
osv.dev
3
mobsf v0.9.2
lfi vulnerability
arbitrary file read
http request
staticanalyzer.views.py

7.5 High

CVSS3

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

NONE

Availability Impact

NONE

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N

0.002 Low

EPSS

Percentile

65.1%

JSON

Mobile Security Framework (MobSF) v0.9.2 and below was discovered to contain a local file inclusion (LFI) vulnerability in the StaticAnalyzer/views.py script. This vulnerability allows attackers to read arbitrary files via a crafted HTTP request.

Related

nvd 1
cvelist 1
cve 1
prion 1
osv 1
github 1
nvd
nvd
CVE-2022-41547
2022-10-18 15:15:10
cvelist
cvelist
CVE-2022-41547
2022-10-18 00:00:00
cve
cve
CVE-2022-41547
2022-10-18 15:15:10
prion
prion
Cross site request forgery (csrf)
2022-10-18 15:15:00
osv
osv
CVE-2022-41547
2022-10-18 15:15:10
github
github
MobSF allows attackers to read arbitrary files via a crafted HTTP request
2022-10-18 19:00:33

7.5 High

CVSS3

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

NONE

Availability Impact

NONE

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N

0.002 Low

EPSS

Percentile

65.1%

JSON
Related for OSV:GHSA-F42P-VC8P-7X54
nvd1cvelist1cve1prion1osv1github1