CVE-2022-50950 | THREATINT

Description

Webile 1.0.1 contains a directory traversal vulnerability that allows remote attackers to manipulate file system paths without authentication. Attackers can exploit path manipulation to access sensitive system directories and potentially compromise the mobile device's local file system.

PUBLISHED Reserved 2026-01-11 | Published 2026-02-01 | Updated 2026-02-02 | Assigner VulnCheck

HIGH: 7.1CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N

MEDIUM: 6.5CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N

Problem types

Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')

Product status

Default status

unaffected

1.0.1

affected

Credits

Vulnerability-Lab [Research Team] finder

References

www.vulnerability-lab.com/get_content.php?id=2320 (Vulnerability Lab Advisory) exploit

play.google.com/...ails?id=com.techprd.filetransfer&hl=en_US (Product Homepage) product

www.vulncheck.com/...ersal-vulnerability-via-web-application (VulnCheck Advisory: Webile 1.0.1 Directory Traversal Vulnerability via Web Application) third-party-advisory

cve.org (CVE-2022-50950)

nvd.nist.gov (CVE-2022-50950)

Download JSON