all InfoSec news logo
all InfoSec news - Your InfoSec news aggregator
Log in Sign up
all InfoSec news

MobSF Pen-Testing Tool Input Validation Flaw Leads to SSRF

Add to bookmarks
March 25, 2024, 7:03 a.m. | Dhivya

Cyber Security News cybersecuritynews.com

The Mobile Security Framework (MobSF), a widely used pen-testing, malware analysis, and security assessment framework, has been found to contain a critical input validation flaw that could lead to server-side request forgery (SSRF) attacks. The vulnerability, tracked as CVE-2024-29190, affects MobSF version 3.9.5 Beta and prior. Understanding the Vulnerability: CVE-2024-29190 While investigating the “App Link […]


The post MobSF Pen-Testing Tool Input Validation Flaw Leads to SSRF appeared first on Cyber Security News.

analysis assessment attacks beta critical cve cyber security flaw forgery found framework input input validation malware malware analysis mobile mobile security pen request security security assessment security framework server server-side request forgery ssrf testing testing tool tool understanding validation version vulnerability

Visit resource

More from cybersecuritynews.com / Cyber Security News

Cyber Security News Weekly Round-Up (Vulnerabilities, Cyber Attacks, Threats & New Stories) 3 hours ago | cybersecuritynews.com
advanced advanced persistent threat apt attacks +26
Cactus Ransomware Exploiting Qlik Servers Vulnerability 2 days, 3 hours ago | cybersecuritynews.com
cactus cactus ransomware code code execution +28
Hackers Abuse Autodesk Drive For Hosting Weaponized PDF Files 2 days, 3 hours ago | cybersecuritynews.com
abuse attack autodesk campaign +19
MuddyWater Hackers Abusing Legitimate RMM Tool to Deliver Malware 2 days, 7 hours ago | cybersecuritynews.com
abusing actor agent atera +26
Hackers Actively Exploiting WP Automatic Updates Plugin Vulnerability 2 days, 8 hours ago | cybersecuritynews.com
attack automatic can compromise +27
Microsoft Releases Historical MS-DOS 4.0 Source Code to the Public 2 days, 8 hours ago | cybersecuritynews.com
accessibility code decision developers +12
PoC Exploit Released For Critical Flowmon Vulnerability 2 days, 8 hours ago | cybersecuritynews.com
analysis a network command command injection +26
Chrome Critical Flaw Let Attackers Execute Arbitary Code : Patch Now 2 days, 8 hours ago | cybersecuritynews.com
arbitrary code attackers browservulnerability channel +21
Hackers Exploit Google Ads to Spread IP Scanner with Concealed Backdoor 2 days, 19 hours ago | cybersecuritynews.com
ads attacker backdoor campaign +23

Jobs in InfoSec / Cybersecurity

Post a job on infosec-jobs.com Find talent on infosec-jobs.com

SOC 2 Manager, Audit and Certification

@ Deloitte | US and CA Multiple Locations
View on infosec-jobs.com

Network Security Engineer

@ Meta | Menlo Park, CA | Remote, US
View on infosec-jobs.com

Security Engineer, Investigations - i3

@ Meta | Washington, DC
View on infosec-jobs.com

Threat Investigator- Security Analyst

@ Meta | Menlo Park, CA | Seattle, WA | Washington, DC
View on infosec-jobs.com

Security Operations Engineer II

@ Microsoft | Redmond, Washington, United States
View on infosec-jobs.com

Engineering -- Tech Risk -- Global Cyber Defense & Intelligence -- Bug Bounty -- Associate -- Dallas

@ Goldman Sachs | Dallas, Texas, United States
View on infosec-jobs.com
View more jobs