Bulb Security Smartphone Pentest Framework (SPF) 0.1.2 up to and including 0.1.4 allows remote malicious users to execute arbitrary commands via shell metacharacters in the hostingPath parameter to (1) SEAttack.pl or (2) CSAttack.pl in frameworkgui/ or the (3) appURLPath parameter to frameworkgui/attachMobileModem.pl.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
bulbsecurity smartphone pentest framework |