Vulnerability: Multiple vulnerabilities in Smartphone Pentest Framework (SPF)
Number of vulnerabilities: 5
Exploitation vector: Local Network (LAN)
Impact: Cross Site Scripting, Unauthorized manipulation of data, Elevation of Privilege, Security Bypass, System compromise
Affected Products: Smartphone Pentest Framework (SPF) 1.x
Affected versions: Smartphone Pentest Framework (SPF) 1.0
The vulnerabilities can be exploited by malicious people to disclose sensitive information, conduct CSRF attacks, execute arbitrary SQL commands in the application database, and potentially compromise a vulnerable system.
1. The vulnerability is due to insecure permissions on application files. A local user can overwrite arbitrary application files and elevate their privileges.
2. The vulnerability is caused by insufficient input validation in various scripts in the "/frameworkgui/" directory. This can be exploited to execute arbitrary SQL commands in the application database.
3. The vulnerability is caused by insufficient input validation before calling system() in the scripts remoteAttack.pl, CSAttack.pl, SEAttack.pl, attach2agents.pl, attachMobileModem.pl and guessPassword.pl. This can be exploited via a specially crafted HTTP request to execute arbitrary commands on the system.
4. The vulnerability is caused by the lack of authentication of HTTP requests when certain actions are performed. A remote user can perform a CSRF attack, take full control of the application and potentially execute arbitrary code.
5. The vulnerability is caused by insufficient access restrictions on the file /frameworkgui/config. A remote user can access the file directly and obtain potentially sensitive information (for example, the credentials used to connect to the application database).
Manufacturer URL: www.bulbsecurity.com/smartphone-pentest-framework/
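
Item 3 describes request parameters reaching system() without validation. The sketch below is an added example, not SPF's code: it contrasts the shell-string pattern with allow-list validation plus list-form system(). The helper path, option names and parameters are hypothetical.

```perl
#!/usr/bin/perl
use strict;
use warnings;

# Hypothetical helper and option names; the advisory does not show SPF's own.
my $HELPER = '/usr/local/bin/spf-helper';

# Vulnerable pattern (for contrast only): one interpolated string is handed
# to /bin/sh, so shell metacharacters in a parameter are interpreted.
#   system("$HELPER --target $target --port $port");

# Allow-list check: dotted-quad IPv4 with each octet in 0..255.
# Returning the captured groups also untaints the value under perl -T.
sub valid_ipv4 {
    my ($v) = @_;
    return unless defined $v
        && $v =~ /\A(\d{1,3})\.(\d{1,3})\.(\d{1,3})\.(\d{1,3})\z/;
    for my $octet ($1, $2, $3, $4) { return if $octet > 255 }
    return "$1.$2.$3.$4";
}

# Allow-list check: decimal TCP/UDP port in 1..65535.
sub valid_port {
    my ($v) = @_;
    return unless defined $v && $v =~ /\A(\d{1,5})\z/;
    my $n = $1;
    return unless $n >= 1 && $n <= 65535;
    return $n;
}

# Build the argument vector; an empty list means the request was rejected.
sub build_argv {
    my ($target, $port) = @_;
    my $t = valid_ipv4($target);
    my $p = valid_port($port);
    return unless defined $t && defined $p;
    return ($HELPER, '--target', $t, '--port', $p);
}

# Constructed sample inputs: one well-formed, one with a shell metacharacter.
for my $req (['192.0.2.10', '8080'], ['192.0.2.10; id', '8080']) {
    my @argv = build_argv(@$req);
    if (!@argv) { print "rejected: @$req\n"; next; }
    # List-form system() passes arguments to execvp() with no shell involved.
    # Left commented out because the helper is hypothetical:
    # system(@argv) == 0 or die "helper failed: $?";
    print "would exec: @argv\n";
}
```

Running CGI scripts under Perl's taint mode (`-T`) additionally makes the interpreter refuse to pass request data to system() until it has been extracted through a pattern match like the ones above.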