CVE-2022-50950
7.1
CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N
Summary
Webile 1.0.1 contains a directory traversal vulnerability that allows remote attackers to manipulate file system paths without authentication. Attackers can exploit path manipulation to access sensitive system directories and potentially compromise the mobile device's local file system.
Affected Software
| Vendor | Product | Version Range | Status |
|---|---|---|---|
| Product Owner: Webile | Webile | 1.0.1 | affected |
Weaknesses
- CWE-22: Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')
ADP Enrichment
CISA ADP Vulnrichment
- SSVC:
- Exploitation: poc
- Automatable: no
- Technical Impact: partial
References
- https://www.vulnerability-lab.com/get_content.php?id=2320
- https://play.google.com/store/apps/details?id=com.techprd.filetransfer&hl=en_US
- https://www.vulncheck.com/advisories/webile-directory-traversal-vulnerability-via-web-application
Feedback
Was this page helpful?
Glad to hear it! Please tell us how we can improve.
Sorry to hear that. Please tell us how we can improve.