5.2

CVSS Score

3.1

-

CVSS Score

Basic Information

Concerned about an active attack path?

Talk to our security experts and see Miggo in action.

Miggo Vulnerability Database

→

CVE-2024-41955

CVE-2024-41955: MobSF vulnerable to Open Redirect in Login Redirect

Impact

What kind of vulnerability is it? Who is impacted?

An open redirect vulnerability exist in MobSF authentication view.

PoC

Go to http://127.0.0.1:8000/login/?next=//afine.com in a web browser.
Enter credentials and press "Sign In".
You will be redirected to afine.com

Users who are not using authentication are not impacted.

Patches

Has the problem been patched? What versions should users upgrade to?

Update to MobSF v4.0.5

Workarounds

Is there a way for users to fix or remediate the vulnerability without upgrading? Disable Authentication

References

Are there any links users can visit to find out more? Fix: https://github.com/MobSF/Mobile-Security-Framework-MobSF/commit/fdaad81314f393d324c1ede79627e9d47986c8c8

Reporter

Marcin Węgłowski (AFINE Team)

(GitHub Advisory)

Miggo Vulnerability Database

→

CVE-2024-41955

CVE-2024-41955:

5.2

CVSS Score

3.1

-

CVSS Score

Basic Information

Technical Details

Package Name	Ecosystem	Vulnerable Versions	First Patched Version
mobsf	pip	< 4.0.5	4.0.5

Technical Details

Vulnerability Intelligence
Miggo AI

Root Cause Analysis

The vulnerability stemmed from improper validation of user-controlled redirect URLs. The commit introduced a 'sanitize_redirect' function to address this, replacing the original checks in these three functions. The pre-patch code in authentication.py and saml2.py used 'startswith('/')' validation, which allowed '//attacker.com' URLs (valid under the check but unsafe). The functions handling redirect logic were directly modified in the fix, confirming their role in the vulnerability.

Vulnerable functions

Only Mi**o us*rs **n s** t*is s**tion

WAF Protection Rules

WAF Rule

W** rul*s *v*il**l* *or Mi**o *ustom*rs only.W** rul*s *v*il**l* *or Mi**o *ustom*rs only.W** rul*s *v*il**l* *or Mi**o *ustom*rs only.W** rul*s *v*il**l* *or Mi**o *ustom*rs only.W** rul*s *v*il**l* *or Mi**o *ustom*rs only.W** rul*s *v*il**l* *or Mi**o *ustom*rs only.W** rul*s *v*il**l* *or Mi**o *ustom*rs only.W** rul*s *v*il**l* *or Mi**o *ustom*rs only.W** rul*s *v*il**l* *or Mi**o *ustom*rs only.W** rul*s *v*il**l* *or Mi**o *ustom*rs only.

Reasoning

*v*il**l* *or Mi**o *ustom*rs only.*v*il**l* *or Mi**o *ustom*rs only.*v*il**l* *or Mi**o *ustom*rs only.*v*il**l* *or Mi**o *ustom*rs only.*v*il**l* *or Mi**o *ustom*rs only.*v*il**l* *or Mi**o *ustom*rs only.*v*il**l* *or Mi**o *ustom*rs only.*v*il**l* *or Mi**o *ustom*rs only.*v*il**l* *or Mi**o *ustom*rs only.*v*il**l* *or Mi**o *ustom*rs only.

5.2

-

Basic Information

Basic Information

Concerned about an active attack path?

CVE-2024-41955: MobSF vulnerable to Open Redirect in Login Redirect

Impact

Patches

Workarounds

References

Reporter

CVE-2024-41955:

5.2

-

Basic Information

Basic Information

Technical Details

Technical Details

Vulnerability IntelligenceMiggo AI

Root Cause Analysis

Vulnerable functions

WAF Protection Rules

WAF Rule

Reasoning

Vulnerability IntelligenceMiggo AI

Basic Information

Basic Information

CVE-2024-41955: MobSF vulnerable to Open Redirect in Login Redirect

Impact

Patches

Workarounds

References

Reporter

5.2

5.2

Technical Details

Vulnerability IntelligenceMiggo AI

Root Cause Analysis

Vulnerable functions

WAF Protection Rules

WAF Rule

Reasoning

Vulnerability Intelligence
Miggo AI

Vulnerability Intelligence
Miggo AI

Vulnerability Intelligence
Miggo AI