← back
CVE-2012-5697

CVE-2012-5697

EPSS 0.4%
The btinstall installation script in Bulb Security Smartphone Pentest Framework (SPF) before 0.1.3 uses weak permissions (777) for all files in the frameworkgui/ directory, which allows local users to obtain sensitive information or inject arbitrary Perl code via direct access to these files.
Affected products
n/a · n/a

Want to know if your infrastructure is exposed to this?

Talk to TrueHacking →
References
http://secunia.com/advisories/51415https://twitter.com/georgiaweidman/statuses/269138431567855618https://www.htbridge.com/advisory/HTB23123