CVE-2021-24035

EPSS 1.1%CWE-23

A lack of filename validation when unzipping archives prior to WhatsApp for Android v2.21.8.13 and WhatsApp Business for Android v2.21.8.13 could have allowed path traversal attacks that overwrite WhatsApp files.

Produtos afetados

Facebook · WhatsApp Business for Android Facebook · WhatsApp for Android

Quer saber se a sua infraestrutura está exposta a isto?

Falar com a TrueHacking →

Referências

https://www.whatsapp.com/security/advisories/2021/