MobSF Pen-Testing Tool Input Validation Flaw Leads to SSRF | allinfosecnews.com

March 25, 2024, 7:03 a.m. | Dhivya

Cyber Security News cybersecuritynews.com

The Mobile Security Framework (MobSF), a widely used pen-testing, malware analysis, and security assessment framework, has been found to contain a critical input validation flaw that could lead to server-side request forgery (SSRF) attacks. The vulnerability, tracked as CVE-2024-29190, affects MobSF version 3.9.5 Beta and prior. Understanding the Vulnerability: CVE-2024-29190 While investigating the “App Link […]

The post MobSF Pen-Testing Tool Input Validation Flaw Leads to SSRF appeared first on Cyber Security News.

analysis assessment attacks beta critical cve cyber security flaw forgery found framework input input validation malware malware analysis mobile mobile security pen request security security assessment security framework server server-side request forgery ssrf testing testing tool tool understanding validation version vulnerability

More from cybersecuritynews.com / Cyber Security News

LATRODECTUS Loader Getting Popular Among Cybercriminals, Is It Replacing ICEDID! an hour ago | cybersecuritynews.com

bypass code cybercriminals cyber security +26

30+ Tesla Cars Hacked Using Third-Party Software 1 day, 12 hours ago | cybersecuritynews.com

access cars collect cyber security +23

How to Use Threat Intelligence Feeds for SOC/DFIR Teams 1 day, 13 hours ago | cybersecuritynews.com

block can compromise cyber security +28

YARA, the Malware Researchers Toolbox Evolved 1 day, 15 hours ago | cybersecuritynews.com

big bugs can cyber security +13

SugarGh0st RAT Attacking Organizations & Individuals in AI Research 1 day, 17 hours ago | cybersecuritynews.com

access ai research attack businesses +21

New Cyber Attack Targeting Facebook Business Accounts 1 day, 17 hours ago | cybersecuritynews.com

accounts ads attack business +28

CISA Reveals Guidance For Implementation of Encrypted DNS Protocols 1 day, 20 hours ago | cybersecuritynews.com

advice agency budget cisa +23

Two Brothers Arrested for Attacking Blockchain & Stealing $25M 1 day, 21 hours ago | cybersecuritynews.com

arrested blockchain boston charged +17

Microsoft to Mandate Multi-Factor Authentication for All Azure Users 1 day, 22 hours ago | cybersecuritynews.com

authentication azure big cloud +12

Information Security Engineers

@ D. E. Shaw Research | New York City

View on infosec-jobs.com

Technology Security Analyst

@ Halton Region | Oakville, Ontario, Canada

View on infosec-jobs.com

Senior Cyber Security Analyst

@ Valley Water | San Jose, CA

View on infosec-jobs.com

Sr. Staff Firmware Engineer – Networking & Firewall

@ Axiado | Bengaluru, India

View on infosec-jobs.com

Compliance Architect / Product Security Sr. Engineer/Expert (f/m/d)

@ SAP | Walldorf, DE, 69190

View on infosec-jobs.com

SAP Security Administrator

@ FARO Technologies | EMEA-Portugal

View on infosec-jobs.com