mobsf-framework-exposure: MobSF Framework - Exposure

漏洞描述

PoC代码[已公开]

id: mobsf-framework-exposure

info:
  name: MobSF Framework - Exposure
  author: Shine
  severity: high
  description: MobSF Framework is exposed.
  metadata:
    verified: true
    max-request: 1
    shodan-query: title:"MobSF"
  tags: misconfig,exposure,mobsf,vuln

http:
  - method: GET
    path:
      - '{{BaseURL}}/recent_scans/'

    matchers-condition: and
    matchers:
      - type: word
        words:
          - 'Recent Scans'
          - 'Mobile Security Framework - MobSF'
        condition: and

      - type: status
        status:
          - 200
# digest: 4a0a004730450220333fff412ae39bfe77a3ab8e183e7815d1bc63f112aec630e93d96bafa23e549022100e512681a110d91c4fc7c5172f2bb195b347463b13d59e10aef1cb2a9daf6b8e5:922c64590222798bb761d5b6d8e72950

相关漏洞推荐

• POC CVE-2023-33960: OpenProject < 12.5.4 - Project Identifiers Exposure
• POC dagster-webserver-ui-exposure: Dagster - Webserver UI Exposure
• POC frigate-api-exposure: Frigate NVR - API Exposure
• POC batflat-sqlite-exposure: Batflat SQLite Database - Exposure
• POC netlify-headers-config-exposure: Netlify Headers Configuration - Exporsure
• POC selenium-grid-exposure: Selenium Grid Exposure
• POC aws-buildspec-exposure: AWS CodeBuild Build Spec - Exposure
• POC gcloudignore-file-exposure: Google Cloud Ignore File Exposure
• POC joe-deadjoe-file-exposure: Joe Editor DEADJOE File - Exposure
• POC postgres-history-exposure: PostgreSQL History - Exposure
• POC vscode-mcp-json: Visual Studio Code MCP Configuration ("mcp.json") Exposure
• POC cacti-log-exposure: Cacti Log - Exposure
• POC magento-debug-log-exposure: Magento Debug Log - Exposure