Unrated severityNVD Advisory· Published Jun 11, 2021· Updated Aug 3, 2024

CVE-2021-24035

Description

A lack of filename validation when unzipping archives prior to WhatsApp for Android v2.21.8.13 and WhatsApp Business for Android v2.21.8.13 could have allowed path traversal attacks that overwrite WhatsApp files.

Affected products

Facebook/WhatsApp for Androidllm-fuzzy3 versions
<2.21.8.13+ 2 more
- (no CPE)range: <2.21.8.13
- (no CPE)range: unspecified
- (no CPE)range: unspecified
Whatsapp/Whatsappllm-fuzzy
Range: <2.21.8.13

Patches

No patches discovered yet.

Vulnerability mechanics

AI mechanics synthesis has not run for this CVE yet.

References

www.whatsapp.com/security/advisories/2021/mitrex_refsource_CONFIRM

News mentions

No linked articles in our index yet.

cvss	0.000
epss	0.000
exploit	0.000
kev	0.000
patch	0.000
ransomware	0.000