Description
MobSF is a mobile application security testing tool. In version 4.4.0, the GET /download/ route validates the requested path with a string comparison via os.path.commonprefix, which allows an authenticated user to download files outside the DWD_DIR download directory from "neighboring" directories whose absolute paths begin with the same characters as DWD_DIR (e.g., .../downloads_bak, .../downloads.old). This is a Directory Traversal (escape) leading to a data leak. The issue has been patched in version 4.4.1.
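The pitfall behind this record, as an added illustration that is not MobSF's own code: os.path.commonprefix compares paths character by character, so a sibling directory whose name merely starts with the base name passes the check, while os.path.commonpath compares whole path components. The DWD_DIR value and file names below are constructed assumptions.

```python
import os
from typing import Optional

# Constructed download directory (assumption; not MobSF's real setting).
DWD_DIR = "/srv/mobsf/downloads"


def is_inside_commonprefix(base: str, candidate: str) -> bool:
    """Flawed check of the kind the advisory describes.

    commonprefix works on characters, not path components, so
    /srv/mobsf/downloads_bak/... shares the prefix /srv/mobsf/downloads
    and is wrongly accepted.
    """
    base = os.path.abspath(base)
    candidate = os.path.abspath(candidate)
    return os.path.commonprefix([base, candidate]) == base


def is_inside_commonpath(base: str, candidate: str) -> bool:
    """Hardened check: the common part must be a whole directory.

    commonpath splits on separators, so the longest shared path of
    /srv/mobsf/downloads and /srv/mobsf/downloads_bak/x is /srv/mobsf,
    which is not the base directory, and the request is rejected.
    """
    base = os.path.abspath(base)
    candidate = os.path.abspath(candidate)
    try:
        return os.path.commonpath([base, candidate]) == base
    except ValueError:
        # Different drives (Windows) or mixed absolute/relative paths:
        # treat as outside the base directory.
        return False


def resolve_download(filename: str, base: str = DWD_DIR) -> Optional[str]:
    """Return the absolute path to serve, or None if it escapes `base`.

    Note that os.path.join discards `base` when `filename` is absolute,
    which is why the containment check must run on the joined result.
    """
    candidate = os.path.abspath(os.path.join(base, filename))
    return candidate if is_inside_commonpath(base, candidate) else None
```

If DWD_DIR may contain symlinks, apply os.path.realpath to both sides before the commonpath comparison so that a link pointing outside the directory is also caught.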
References
- Patch
- Release Notes
- Exploit; Third Party Advisory
Vulnerable configurations
Configuration 1
cpe:2.3:a:opensecurity:mobile_security_framework:4.4.0:*:*:*:*:*:*:*
EPSS: 0.00107 (percentile: 29%, Low)
CVSS3: 4.3 Medium
Weaknesses: CWE-22
Related vulnerabilities
github
5 months ago
MobSF Path Traversal in GET /download/<filename> using absolute filenames