Bulb Security Smartphone Pentest Framework (SPF) 0.1.2 through 0.1.4 allows remote attackers to execute arbitrary commands via shell metacharacters in the hostingPath parameter to (1) SEAttack.pl or (2) CSAttack.pl in frameworkgui/ or the (3) appURLPath parameter to frameworkgui/attachMobileModem.pl.
References
Link | Resource |
---|---|
https://www.htbridge.com/advisory/HTB23123 | Not Applicable Third Party Advisory |
https://www.htbridge.com/advisory/HTB23127 | Exploit Third Party Advisory |
History
No history.
MITRE Information
Status: PUBLISHED
Assigner: mitre
Published: 2020-01-03T19:30:28
Updated: 2020-01-03T19:30:28
Reserved: 2012-11-16T00:00:00
Link: CVE-2012-5878
JSON object: View
NVD Information
Status : Analyzed
Published: 2020-01-03T20:15:11.027
Modified: 2020-01-15T17:06:17.963
Link: CVE-2012-5878
JSON object: View
Redhat Information
No data.
CWE