Insecure Permissions Vulnerability in Mobile Security Framework (MobSF) <=v3.7.8 Beta

Insecure Permissions Vulnerability in Mobile Security Framework (MobSF) <=v3.7.8 Beta

CVE-2023-42261 · HIGH Severity

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N

Mobile Security Framework (MobSF) <=v3.7.8 Beta is vulnerable to Insecure Permissions. NOTE: the vendor's position is that authentication is intentionally not implemented because the product is not intended for an untrusted network environment. Use cases requiring authentication could, for example, use a reverse proxy server.

Learn more about our Cis Benchmark Audit For Server Software.