VYPR
Moderate severityNVD Advisory· Published Sep 2, 2025· Updated Sep 2, 2025

MobSF Vulnerable to Arbitrary File Write (AR-Slip) via Absolute Path in .a Extraction

CVE-2025-58162

Description

MobSF is a mobile application security testing tool used. In version 4.4.0, an authenticated user who uploaded a specially prepared one.a, can write arbitrary files to any directory writable by the user of the MobSF process. This issue has been patched in version 4.4.1.

AI Insight

LLM-synthesized narrative grounded in this CVE's description and references.

Affected packages

Versions sourced from the GitHub Security Advisory.

PackageAffected versionsPatched versions
mobsfPyPI
< 4.4.14.4.1

Affected products

2

Patches

Vulnerability mechanics

References

4

News mentions

0

No linked articles in our index yet.