5.2

CVSS Score

3.1

Basic Information

CVE ID

CVE-2024-41955

GHSA ID

GHSA-8m9j-2f32-2vx4

EPSS Score

0.87244%

CWE

CWE-601

Published

7/31/2024

Updated

8/2/2024

KEV Status

Technology

Python

Concerned about an active attack path?

Talk to our security experts and see Miggo in action.

Miggo Vulnerability Database

→

CVE-2024-41955

CVE-2024-41955: MobSF vulnerable to Open Redirect in Login Redirect

Impact

What kind of vulnerability is it? Who is impacted?

An open redirect vulnerability exist in MobSF authentication view.

PoC

Go to http://127.0.0.1:8000/login/?next=//afine.com in a web browser.
Enter credentials and press "Sign In".
You will be redirected to afine.com

Users who are not using authentication are not impacted.

Patches

Has the problem been patched? What versions should users upgrade to?

Update to MobSF v4.0.5

Workarounds

Is there a way for users to fix or remediate the vulnerability without upgrading? Disable Authentication

References

Are there any links users can visit to find out more? Fix: https://github.com/MobSF/Mobile-Security-Framework-MobSF/commit/fdaad81314f393d324c1ede79627e9d47986c8c8

Reporter

Marcin Węgłowski (AFINE Team)

(GitHub Advisory)

5.2

CVSS Score

3.1

Basic Information

CVE ID

CVE-2024-41955

GHSA ID

GHSA-8m9j-2f32-2vx4

EPSS Score

0.87244%

CWE

CWE-601

Published

7/31/2024

Updated

8/2/2024

KEV Status

Technology

Python

Technical Details

CVSS Vector

CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:U/C:L/I:H/A:N

Package Name	Ecosystem	Vulnerable Versions	First Patched Version
mobsf	pip	< 4.0.5	4.0.5

Vulnerability Intelligence
Miggo AI

Root Cause Analysis

The vulnerability stemmed from improper validation of user-controlled redirect URLs. The commit introduced a 'sanitize_redirect' function to address this, replacing the original checks in these three functions. The pre-patch code in authentication.py and saml2.py used 'startswith('/')' validation, which allowed '//attacker.com' URLs (valid under the check but unsafe). The functions handling redirect logic were directly modified in the fix, confirming their role in the vulnerability.

Vulnerable functions

Only Mi**o us*rs **n s** t*is s**tion

WAF Protection Rules

WAF Rule

### Imp**t _W**t kin* o* vuln*r**ility is it? W*o is imp**t**?_ *n op*n r**ir**t vuln*r**ility *xist in Mo*S* *ut**nti**tion vi*w. Po* *. *o to *ttp://***.*.*.*:****/lo*in/?n*xt=//**in*.*om in * w** *rows*r. *. *nt*r *r***nti*ls *n* pr*ss "Si*n In

Reasoning

T** vuln*r**ility st*mm** *rom improp*r `v*li**tion` o* us*r-*ontroll** r**ir**t URLs. T** *ommit intro*u*** * 's*nitiz*_r**ir**t' `*un*tion` to ***r*ss t*is, r*pl**in* t** ori*in*l ****ks in t**s* t*r** `*un*tions`. T** pr*-p*t** *o** in `*ut**nti**

5.2

Basic Information

Concerned about an active attack path?

CVE-2024-41955: MobSF vulnerable to Open Redirect in Login Redirect

Impact

Patches

Workarounds

References

Reporter

5.2

Basic Information

Technical Details

Vulnerability IntelligenceMiggo AI

Root Cause Analysis

Vulnerable functions

WAF Protection Rules

WAF Rule

Reasoning

Vulnerability Intelligence
Miggo AI