Mobile Security Framework (MobSF) is a security research platform for mobile applications in Android, iOS and Windows Mobile.
A SSRF vulnerability in firebase database check logic. The attacker can cause the server to make a connection to internal-only services within the organization’s infrastructure. When a malicious app is uploaded to Static analyzer, it is possible to make internal requests. This vulnerability has been patched in version 3.9.8.
References
Configurations
No configuration.
History
21 Nov 2024, 09:13
Type | Values Removed | Values Added |
---|---|---|
References | () https://github.com/MobSF/Mobile-Security-Framework-MobSF/commit/43bb71d115d78c03faa82d75445dd908e9b32716 - | |
References | () https://github.com/MobSF/Mobile-Security-Framework-MobSF/pull/2373 - | |
References | () https://github.com/MobSF/Mobile-Security-Framework-MobSF/security/advisories/GHSA-wpff-wm84-x5cx - | |
Summary |
|
04 Apr 2024, 16:15
Type | Values Removed | Values Added |
---|---|---|
New CVE |
Information
Published : 2024-04-04 16:15
Updated : 2024-11-21 09:13
NVD link : CVE-2024-31215
Mitre link : CVE-2024-31215
CVE.ORG link : CVE-2024-31215
JSON object : View
Products Affected
No product.
CWE
CWE-918
Server-Side Request Forgery (SSRF)