Vulmon Recent Vulnerabilities Research Posts Trends Blog About Contact
7.5
CVSSv3

CVE-2023-42261

Published: 21/09/2023 Updated: 11/04/2024
CVSS v3 Base Score: 7.5 | Impact Score: 3.6 | Exploitability Score: 3.9
VMScore: 0
Subscribe to Opensecurity

Vulnerability Summary

Mobile Security Framework (MobSF) <=v3.7.8 Beta is vulnerable to Insecure Permissions. NOTE: the vendor's position is that authentication is intentionally not implemented because the product is not intended for an untrusted network environment. Use cases requiring authentication could, for example, use a reverse proxy server.

Vulnerability Trend

Vulnerable Product Search on Vulmon Subscribe to Product

opensecurity mobile security framework 3.7.8

opensecurity mobile security framework

References

CWE-276https://github.com/woshinibaba222/hack16/blob/main/Unauthorized%20Access%20to%20MobSF.mdhttps://github.com/MobSF/Mobile-Security-Framework-MobSF/issues/748https://github.com/MobSF/Mobile-Security-Framework-MobSF/blob/abb47659a19ac772765934f184c65fe16cb3bee7/docker-compose.yml#L30-L31https://github.com/MobSF/Mobile-Security-Framework-MobSF/issues/1211https://nvd.nist.gov
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
encryptionCVE-2024-4331CVE-2024-26925arbitrary codeCVE-2006-4304CVE-2024-25458CVE-2024-27077reflected XSSCVE-2024-4059
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started

Vulmon Search

Vulmon Search is a vulnerability search engine. It gives comprehensive vulnerability information through a very simple user interface.

About

Home Recent Vulnerabilities Research Posts Trends Blog About Contact

Products

Vulmon Search Vulmon Research Vulmon Alerts Vulmap

Connect

Twitter Reddit Linkedin Facebook