Lucene search
K

8 matches found

Veracode
Veracode
added 2025/05/12 3:4 a.m.9 views

ZIP Of Death (zip Bomb) Attack

MobSF is vulnerable to a ZIP of Death zip bomb Attack. The vulnerability is due to lack of checks on the total uncompressed size of uploaded ZIP files, allowing attackers to exhaust server disk space during extraction...

6.8CVSS6.6AI score0.00411EPSS
Exploits1References4Affected Software1
NVD
NVD
added 2025/05/05 8:15 p.m.12 views

CVE-2025-46730

MobSF is a mobile application security testing tool used. Typically, MobSF is deployed on centralized internal or cloud-based servers that also host other security tools and web applications. Access to the MobSF web interface is often granted to internal security teams, audit teams, and external...

6.8CVSS0.00411EPSS
Exploits1References2
Github Security Blog
Github Security Blog
added 2025/05/05 7:32 p.m.28 views

Mobile Security Framework (MobSF) Allows Web Server Resource Exhaustion via ZIP of Death Attack

Vulnerable MobSF Versions: = v4.3.2 Details: MobSF is a widely adopted mobile application security testing tool used by security teams across numerous organizations. Typically, MobSF is deployed on centralized internal or cloud-based servers that also host other security tools and web application...

6.8CVSS6.8AI score0.00411EPSS
Exploits1References4Affected Software1
OSV
OSV
added 2025/05/05 7:32 p.m.16 views

GHSA-C5VG-26P8-Q8CR Mobile Security Framework (MobSF) Allows Web Server Resource Exhaustion via ZIP of Death Attack

Vulnerable MobSF Versions: = v4.3.2 Details: MobSF is a widely adopted mobile application security testing tool used by security teams across numerous organizations. Typically, MobSF is deployed on centralized internal or cloud-based servers that also host other security tools and web application...

6.8CVSS6.8AI score0.00411EPSS
Exploits1References4
Cvelist
Cvelist
added 2025/05/05 7:32 p.m.15 views

CVE-2025-46730 Mobile Security Framework (MobSF) Allows Web Server Resource Exhaustion via ZIP of Death Attack

MobSF is a mobile application security testing tool used. Typically, MobSF is deployed on centralized internal or cloud-based servers that also host other security tools and web applications. Access to the MobSF web interface is often granted to internal security teams, audit teams, and external...

6.8CVSS0.00411EPSS
Exploits1References2
Vulnrichment
Vulnrichment
added 2025/05/05 7:32 p.m.10 views

CVE-2025-46730 Mobile Security Framework (MobSF) Allows Web Server Resource Exhaustion via ZIP of Death Attack

MobSF is a mobile application security testing tool used. Typically, MobSF is deployed on centralized internal or cloud-based servers that also host other security tools and web applications. Access to the MobSF web interface is often granted to internal security teams, audit teams, and external...

6.8CVSS6.7AI score0.00411EPSS
Exploits1References2
CVE
CVE
added 2025/05/05 7:32 p.m.71 views

CVE-2025-46730

MobSF (Mobile Security Framework) versions up to 4.3.2 are vulnerable to a ZIP of Death due to missing a check on the total uncompressed size of uploaded ZIP files. An attacker can craft a small ZIP that expands to gigabytes, exhausting disk space and causing a DoS affecting MobSF and other on‑ho...

6.8CVSS6.7AI score0.00411EPSS
Exploits1References2Affected Software1
Positive Technologies
Positive Technologies
added 2025/05/05 12:0 a.m.6 views

PT-2025-19792

Name of the Vulnerable Software and Affected Versions MobSF versions up to and including 4.3.2 Description MobSF is a mobile application security testing tool used by security teams across numerous organizations, typically deployed on centralized internal or cloud-based servers. The tool provides...

6.8CVSS5.9AI score0.00411EPSS
Exploits1References13
Rows per page
Query Builder