CVE-2022-50950

Webile 1.0.1 Directory Traversal Vulnerability via Web Application

CVSS 7.1 HIGHEPSS 0.9%CWE-22

Webile 1.0.1 contains a directory traversal vulnerability that allows remote attackers to manipulate file system paths without authentication. Attackers can exploit path manipulation to access sensitive system directories and potentially compromise the mobile device's local file system.

CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N

Productos afectados

Product Owner: Webile · Webile

¿Quieres saber si tu infraestructura está expuesta a esto?

Hablar con TrueHacking →

Referencias

https://play.google.com/store/apps/details?id=com.techprd.filetransfer&hl=en_US https://www.vulncheck.com/advisories/webile-directory-traversal-vulnerability-via-web-application https://www.vulnerability-lab.com/get_content.php?id=2320