Critical security flaws have been found in MobSF version 4.4.0, allowing authenticated attackers to potentially access and manipulate files through path traversal and arbitrary file write vulnerabilities. These issues have been fixed in version 4.4.1, emphasizing the importance of timely updates for security testing tools. #MobSF #PathTraversal #FileWriteVulnerability
Keypoints
- The vulnerabilities affect MobSF version 4.4.0 and are fixed in version 4.4.1.
- Path traversal and file write flaws stem from inadequate path validation mechanisms.
- Authenticated users can exploit the flaws to access or overwrite files outside designated areas.
- The arbitrary file write vulnerability can lead to system compromise, including database and configuration file corruption.
- Organizations are urged to update to version 4.4.1 to mitigate these security risks.
Read More: https://gbhackers.com/mobsf-vulnerability/