8 matches found
ZIP Of Death (zip Bomb) Attack
MobSF is vulnerable to a ZIP of Death zip bomb Attack. The vulnerability is due to lack of checks on the total uncompressed size of uploaded ZIP files, allowing attackers to exhaust server disk space during extraction...
CVE-2025-46730
MobSF is a mobile application security testing tool used. Typically, MobSF is deployed on centralized internal or cloud-based servers that also host other security tools and web applications. Access to the MobSF web interface is often granted to internal security teams, audit teams, and external...
Mobile Security Framework (MobSF) Allows Web Server Resource Exhaustion via ZIP of Death Attack
Vulnerable MobSF Versions: = v4.3.2 Details: MobSF is a widely adopted mobile application security testing tool used by security teams across numerous organizations. Typically, MobSF is deployed on centralized internal or cloud-based servers that also host other security tools and web application...
GHSA-C5VG-26P8-Q8CR Mobile Security Framework (MobSF) Allows Web Server Resource Exhaustion via ZIP of Death Attack
Vulnerable MobSF Versions: = v4.3.2 Details: MobSF is a widely adopted mobile application security testing tool used by security teams across numerous organizations. Typically, MobSF is deployed on centralized internal or cloud-based servers that also host other security tools and web application...
CVE-2025-46730 Mobile Security Framework (MobSF) Allows Web Server Resource Exhaustion via ZIP of Death Attack
MobSF is a mobile application security testing tool used. Typically, MobSF is deployed on centralized internal or cloud-based servers that also host other security tools and web applications. Access to the MobSF web interface is often granted to internal security teams, audit teams, and external...
CVE-2025-46730 Mobile Security Framework (MobSF) Allows Web Server Resource Exhaustion via ZIP of Death Attack
MobSF is a mobile application security testing tool used. Typically, MobSF is deployed on centralized internal or cloud-based servers that also host other security tools and web applications. Access to the MobSF web interface is often granted to internal security teams, audit teams, and external...
CVE-2025-46730
MobSF (Mobile Security Framework) versions up to 4.3.2 are vulnerable to a ZIP of Death due to missing a check on the total uncompressed size of uploaded ZIP files. An attacker can craft a small ZIP that expands to gigabytes, exhausting disk space and causing a DoS affecting MobSF and other on‑ho...
PT-2025-19792
Name of the Vulnerable Software and Affected Versions MobSF versions up to and including 4.3.2 Description MobSF is a mobile application security testing tool used by security teams across numerous organizations, typically deployed on centralized internal or cloud-based servers. The tool provides...