CVE-2025-31116

Published
View on NVD ↗
CVSS v3
4.4
MEDIUM
CVSS v2
N/A
Affected
1
PROJECT

Description

Mobile Security Framework (MobSF) is a pen-testing, malware analysis and security assessment framework capable of performing static and dynamic analysis. The mitigation for CVE-2024-29190 in valid_host() uses socket.gethostbyname(), which is vulnerable to SSRF abuse using DNS rebinding technique. This vulnerability is fixed in 4.3.2.

MobSF/Mobile-Security-Framework-MobSF
MobSF/Mobile-Security-Framework-MobSF
Mobile Security Framework (MobSF) is an automated, all-in-one mobile application (Android/iOS/Windows) pen-testing, malware analysis and security assessment framework capable of performing static and dynamic analysis.
GitHubGitHub
21.1K