Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
Mobile Security Framework (MobSF) vulnerable to Server-Side Request Forgery (SSRF) in firebase database check
Vulnerability Description
Mobile Security Framework (MobSF) is a security research platform for mobile applications in Android, iOS and Windows Mobile. A SSRF vulnerability in firebase database check logic. The attacker can cause the server to make a connection to internal-only services within the organization’s infrastructure. When a malicious app is uploaded to Static analyzer, it is possible to make internal requests. This vulnerability has been patched in version 3.9.8.
CVSS Information
CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:L
Vulnerability Type
服务端请求伪造(SSRF)
Vulnerability Title
Mobile Security Framework 安全漏洞
Vulnerability Description
Mobile Security Framework(MobSF)是Mobile Security Framework开源的一种自动化的一体化移动应用程序。用于渗透测试、恶意软件分析和安全评估,能够执行静态和动态分析。 Mobile Security Framework (MobSF) 3.9.7及之前版本存在安全漏洞,该漏洞源于firebase数据库检查逻辑中存在服务器请求伪造(SSRF)漏洞。
CVSS Information
N/A
Vulnerability Type
N/A