CVE-2022-50950

Webile 1.0.1 Directory Traversal Vulnerability via Web Application

CVSS 7.1 HIGHEPSS 0.9%CWE-22

Webile 1.0.1 contains a directory traversal vulnerability that allows remote attackers to manipulate file system paths without authentication. Attackers can exploit path manipulation to access sensitive system directories and potentially compromise the mobile device's local file system.

CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N

Produtos afetados

Product Owner: Webile · Webile

Quer saber se a sua infraestrutura está exposta a isto?

Falar com a TrueHacking →

Referências

https://play.google.com/store/apps/details?id=com.techprd.filetransfer&hl=en_US https://www.vulncheck.com/advisories/webile-directory-traversal-vulnerability-via-web-application https://www.vulnerability-lab.com/get_content.php?id=2320