CVE-2012-5878

Bulb Security Smartphone Pentest Framework (SPF) 0.1.2 through 0.1.4 allows remote attackers to execute arbitrary commands via shell metacharacters in the hostingPath parameter to (1) SEAttack.pl or (2) CSAttack.pl in frameworkgui/ or the (3) appURLPath parameter to frameworkgui/attachMobileModem.pl.

Date published : 2020-01-03

https://www.htbridge.com/advisory/HTB23123

https://www.htbridge.com/advisory/HTB23127