CVE-2024-29190

{"id": "CVE-2024-29190", "cveTags": [], "metrics": {"cvssMetricV31": [{"type": "Secondary", "source": "[email protected]", "cvssData": {"scope": "UNCHANGED", "version": "3.1", "baseScore": 7.5, "attackVector": "NETWORK", "baseSeverity": "HIGH", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N", "integrityImpact": "NONE", "userInteraction": "NONE", "attackComplexity": "LOW", "availabilityImpact": "NONE", "privilegesRequired": "NONE", "confidentialityImpact": "HIGH"}, "impactScore": 3.6, "exploitabilityScore": 3.9}, {"type": "Primary", "source": "[email protected]", "cvssData": {"scope": "UNCHANGED", "version": "3.1", "baseScore": 7.5, "attackVector": "NETWORK", "baseSeverity": "HIGH", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N", "integrityImpact": "NONE", "userInteraction": "NONE", "attackComplexity": "LOW", "availabilityImpact": "NONE", "privilegesRequired": "NONE", "confidentialityImpact": "HIGH"}, "impactScore": 3.6, "exploitabilityScore": 3.9}]}, "published": "2024-03-22T23:15:07.123", "references": [{"url": "https://drive.google.com/file/d/1nbKMd2sKosbJef5Mh4DxjcHcQ8Hw0BNR/view?usp=share_link", "tags": ["Permissions Required"], "source": "[email protected]"}, {"url": "https://github.com/MobSF/Mobile-Security-Framework-MobSF/commit/5a8eeee73c5f504a6c3abdf2a139a13804efdb77", "tags": ["Patch"], "source": "[email protected]"}, {"url": "https://github.com/MobSF/Mobile-Security-Framework-MobSF/security/advisories/GHSA-wfgj-wrgh-h3r3", "tags": ["Exploit", "Vendor Advisory"], "source": "[email protected]"}, {"url": "https://drive.google.com/file/d/1nbKMd2sKosbJef5Mh4DxjcHcQ8Hw0BNR/view?usp=share_link", "tags": ["Permissions Required"], "source": "af854a3a-2127-422b-91ae-364da2661108"}, {"url": "https://github.com/MobSF/Mobile-Security-Framework-MobSF/commit/5a8eeee73c5f504a6c3abdf2a139a13804efdb77", "tags": ["Patch"], "source": "af854a3a-2127-422b-91ae-364da2661108"}, {"url": "https://github.com/MobSF/Mobile-Security-Framework-MobSF/security/advisories/GHSA-wfgj-wrgh-h3r3", "tags": ["Exploit", "Vendor Advisory"], "source": "af854a3a-2127-422b-91ae-364da2661108"}], "vulnStatus": "Analyzed", "weaknesses": [{"type": "Secondary", "source": "[email protected]", "description": [{"lang": "en", "value": "CWE-918"}]}], "descriptions": [{"lang": "en", "value": "Mobile Security Framework (MobSF) is a pen-testing, malware analysis and security assessment framework capable of performing static and dynamic analysis. In version 3.9.5 Beta and prior, MobSF does not perform any input validation when extracting the hostnames in `android:host`, so requests can also be sent to local hostnames. This can lead to server-side request forgery. An attacker can cause the server to make a connection to internal-only services within the organization's infrastructure. Commit 5a8eeee73c5f504a6c3abdf2a139a13804efdb77 has a hotfix for this issue.\n"}, {"lang": "es", "value": "Mobile Security Framework (MobSF) es un framework de prueba de penetraci\u00f3n, an\u00e1lisis de malware y evaluaci\u00f3n de seguridad capaz de realizar an\u00e1lisis est\u00e1ticos y din\u00e1micos. En la versi\u00f3n 3.9.5 Beta y anteriores, MobSF no realiza ninguna validaci\u00f3n de entrada al extraer los nombres de host en `android:host`, por lo que las solicitudes tambi\u00e9n se pueden enviar a nombres de host locales. Esto puede provocar server-side request forgery. Un atacante puede hacer que el servidor establezca una conexi\u00f3n con servicios exclusivamente internos dentro de la infraestructura de la organizaci\u00f3n. Commit 5a8eeee73c5f504a6c3abdf2a139a13804efdb77 tiene una revisi\u00f3n para este problema."}], "lastModified": "2025-06-30T13:10:37.367", "configurations": [{"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:a:opensecurity:mobile_security_framework:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "C45DBD67-7FB8-4F4B-B61C-06622F68C81D", "versionEndExcluding": "3.9.7"}], "operator": "OR"}]}], "sourceIdentifier": "[email protected]"}