The btinstall installation script in Bulb Security Smartphone Pentest Framework (SPF) prior to 0.1.3 uses weak permissions (777) for all files in the frameworkgui/ directory, which allows local users to obtain sensitive information or inject arbitrary Perl code via direct access to these files.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
bulbsecurity smartphone pentest framework |