Lucene search

Mobile Security Framework Security Vulnerabilities

cve

CVE-2022-41547

Mobile Security Framework (MobSF) v0.9.2 and below was discovered to contain a local file inclusion (LFI) vulnerability in the StaticAnalyzer/views.py script. This vulnerability allows attackers to read arbitrary files via a crafted HTTP request.

7.5CVSS

7.3AI Score

0.002EPSS

2022-10-18 03:15 PM

cve

CVE-2023-42261

Mobile Security Framework (MobSF) <=v3.7.8 Beta is vulnerable to Insecure Permissions. NOTE: the vendor's position is that authentication is intentionally not implemented because the product is not intended for an untrusted network environment. Use cases requiring authentication could, for examp...

7.5CVSS

7.7AI Score

0.001EPSS

2023-09-21 10:15 PM

cve

CVE-2024-41955

Mobile Security Framework (MobSF) is a security research platform for mobile applications in Android, iOS and Windows Mobile. An open redirect vulnerability exist in MobSF authentication view. Update to MobSF v4.0.5.

5.4CVSS

5.2AI Score

0.001EPSS

2024-07-31 08:15 PM

cve

CVE-2024-43399

Mobile Security Framework (MobSF) is a pen-testing, malware analysis and security assessment framework capable of performing static and dynamic analysis. Before 4.0.7, there is a flaw in the Static Libraries analysis section. Specifically, during the extraction of .a extension files, the measure in...

9.8CVSS

7.6AI Score

0.001EPSS

2024-08-19 03:15 PM