CVE-2025-58162

Medium CVSS: 6.5

MobSF is a mobile application security testing tool used. In version 4.4.0, an authenticated user who uploaded a specially prepared one.a, can write arbitrary files to any directory writable by the user of the MobSF process. This issue has been patched in version 4.4.1.

Vendor

Opensecurity

Product

Mobile Security Framework

CWE

CWE-22

Yayın Tarihi

2025-09-02 01:15:30

Güncelleme

2025-09-03 15:48:23

Source Identifier

security-advisories@github.com

KEV Date Added

Kategoriler

CWE-22 Mobile Security Framework MEDIUM Opensecurity 2025

Referanslar

https://github.com/MobSF/Mobile-Security-Framework-MobSF/commit/7f3bc086c028c1b50889cab8a15f7b59b7abdaf9 https://github.com/MobSF/Mobile-Security-Framework-MobSF/releases/tag/v4.4.1 https://github.com/MobSF/Mobile-Security-Framework-MobSF/security/advisories/GHSA-9gh8-9r95-3fc3

Benzer Kayıtlar

Medium

CVE-2026-33545

MobSF is a mobile application security testing tool used. Prior to version 4.4.6, MobSF's `read_sqlite()` function in `m…

High

CVE-2026-24490

MobSF is a mobile application security testing tool used. Prior to version 4.4.5, a Stored Cross-site Scripting (XSS) vu…

Low

CVE-2025-58161

MobSF is a mobile application security testing tool used. In version 4.4.0, the GET /download/ route uses string path ve…

Medium

CVE-2025-46730

MobSF is a mobile application security testing tool used. Typically, MobSF is deployed on centralized internal or cloud-…

High

CVE-2025-46335

Mobile Security Framework (MobSF) is a security research platform for mobile applications in Android, iOS and Windows Mo…

Medium

CVE-2025-31116

Mobile Security Framework (MobSF) is a pen-testing, malware analysis and security assessment framework capable of perfor…