exploitDog

GHSA-c2jp-9cxq-cm8c

Опубликовано: 17 мая 2022

Источник: github

Github: Не прошло ревью

Описание

The btinstall installation script in Bulb Security Smartphone Pentest Framework (SPF) before 0.1.3 uses weak permissions (777) for all files in the frameworkgui/ directory, which allows local users to obtain sensitive information or inject arbitrary Perl code via direct access to these files.

The btinstall installation script in Bulb Security Smartphone Pentest Framework (SPF) before 0.1.3 uses weak permissions (777) for all files in the frameworkgui/ directory, which allows local users to obtain sensitive information or inject arbitrary Perl code via direct access to these files.

Ссылки

EPSS

Процентиль: 13%

0.00044

Низкий

CVE ID

Связанные уязвимости

CVE-2012-5697

nvd

больше 11 лет назад

The btinstall installation script in Bulb Security Smartphone Pentest Framework (SPF) before 0.1.3 uses weak permissions (777) for all files in the frameworkgui/ directory, which allows local users to obtain sensitive information or inject arbitrary Perl code via direct access to these files.

EPSS

Процентиль: 13%

0.00044

Низкий

CVE ID