CNNVD-202509-223 Information
CNNVD ID
CNNVD-202509-223
Related CVE
- CNNVD Published: 2025-09-02
Description (Chinese)
Mobile Security Framework(MobSF)是Mobile Security Framework开源的一种自动化的一体化移动应用程序。用于渗透测试、恶意软件分析和安全评估,能够执行静态和动态分析。 Mobile Security Framework(MobSF) 4.4.0版本存在路径遍历漏洞,该漏洞源于上传特制文件可能导致任意文件写入。
Description (English)
Mobile Security Platform (MobSF) is an automated, integrated mobile application from the Mobile Security Platform Open Source. For penetration testing, malicious software analysis and security assessment, static and dynamic analysis can be performed. Mobile Security Platform (MobSF) version 4.4.0 has a loophole in its path, which stems from the possibility that uploading a special file may lead to any document being written.
Hazard Level
High
Vulnerability Type
路径遍历
Affected Vendor
Mobile Security Framework
Published
2025-09-02
Last Modified
2026-02-24
References
https://github.com/MobSF/Mobile-Security-Framework-MobSF/security/advisories/GHSA-9gh8-9r95-3fc3 https://github.com/MobSF/Mobile-Security-Framework-MobSF/releases/tag/v4.4.1 https://github.com/MobSF/Mobile-Security-Framework-MobSF/commit/7f3bc086c028c1b50889cab8a15f7b59b7abdaf9 https://nvd.nist.gov/vuln/detail/CVE-2025-58162 https://access.redhat.com/security/cve/cve-2025-58162
Patch
https://github.com/MobSF/Mobile-Security-Framework-MobSF/releases
Share on: