CVE-2022-50950

Webile 1.0.1 Directory Traversal Vulnerability via Web Application

CVSS 7.1 HIGHEPSS 0.9%CWE-22

Webile 1.0.1 contains a directory traversal vulnerability that allows remote attackers to manipulate file system paths without authentication. Attackers can exploit path manipulation to access sensitive system directories and potentially compromise the mobile device's local file system.

CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N

Affected products

Product Owner: Webile · Webile

Want to know if your infrastructure is exposed to this?

Talk to TrueHacking →

References

https://play.google.com/store/apps/details?id=com.techprd.filetransfer&hl=en_US https://www.vulncheck.com/advisories/webile-directory-traversal-vulnerability-via-web-application https://www.vulnerability-lab.com/get_content.php?id=2320