
File Explorer (FX) For Android Path Traversal

06 Feb 2014 | Reported by Keith Makan | Type: packetstorm | Source: packetstormsecurity.com

File Explorer (FX) for Android suffers from a Path Traversal and android.permission.storage permission leakage vulnerability, allowing unauthorized access to the local file system.

Code
`# Disclosure Date: 31 Jan 2014  
# Author: Keith Makan (http://blog.k3170makan.com)  
# Vendor or Software Link: https://play.google.com/store/apps/details?id=nextapp.fx&hl=en  
# Version: 2.3.0.10  
# Tested on: Android 3.2.1  
# Site: http://blog.k3170makan.com  
  
Description: File Explorer (FX) for Android suffers from a Path Traversal  
and android.permission.storage permission leakage vulnerability.  
  
The nextapp.fx.FileProvider Content Provider URI does not require any  
Read/Write permissions yet allows unauthorized applications to make use of  
the android.permission.STORAGE permission by providing them with access to  
the local filesystem.  
Impact: Malicious Android applications with no permissions are capable of  
leaking the contents of a victim's local file system.  
  
An estimated 500,000 - 1,000,000 installs are currently affected.  
Fix:  
Enforce android.permission.STORAGE Read/Write permission for the affected  
content provider.  
  
PoC available at:  
http://blog.k3170makan.com/2014/02/path-traversal-vulnerability-in-file.html#more  
  
*Timeline:*  
31 Jan 2014 - Original Disclosure  
06 February 2014 - Advisory Publication  
--   
<Keith k3170makan Makan/> (http://about.me/k3170makan)  
  
  
-------------  
Proof of concept:  
  
dz> run app.provider.read content://nextapp.fx.FileProvider/  
Is a directory  
dz> run app.provider.read content://nextapp.fx.FileProvider/../../../system/etc/hosts  
127.0.0.1 localhost  
  
  
`
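The fix described in the advisory has two parts on the provider side: require a read permission on the content provider, and refuse any URI path that resolves outside the directory being served. The following is an added example, not code from FX or from the advisory; the class name `SafeFileProvider`, the authority `com.example.files`, the permission name `com.example.permission.READ_FILES` and the `shared` directory are all assumptions chosen for illustration.

```java
import android.content.ContentProvider;
import android.content.ContentValues;
import android.database.Cursor;
import android.net.Uri;
import android.os.ParcelFileDescriptor;
import java.io.File;
import java.io.FileNotFoundException;
import java.io.IOException;
// Manifest side of the fix (authority and permission name are assumptions):
//   <provider android:name=".SafeFileProvider" android:authorities="com.example.files"
//       android:exported="true"
//       android:readPermission="com.example.permission.READ_FILES" />
public class SafeFileProvider extends ContentProvider {
    private File root; // only files below this directory are ever served

    @Override public boolean onCreate() {
        root = new File(getContext().getFilesDir(), "shared"); // hypothetical served directory
        return true;
    }

    // Resolve the URI path under root and reject it if, after "..", "." and
    // symlinks are canonicalized, the result is no longer below root.
    static File resolveInsideRoot(File root, String uriPath) throws IOException {
        File canonRoot = root.getCanonicalFile();
        File target = new File(canonRoot, uriPath == null ? "" : uriPath).getCanonicalFile();
        String prefix = canonRoot.getPath() + File.separator;
        if (!target.getPath().startsWith(prefix)) {
            throw new SecurityException("path escapes provider root");
        }
        return target;
    }

    @Override public ParcelFileDescriptor openFile(Uri uri, String mode) throws FileNotFoundException {
        if (!"r".equals(mode)) throw new SecurityException("read-only provider");
        try {
            File f = resolveInsideRoot(root, uri.getPath()); // getPath() is already percent-decoded
            return ParcelFileDescriptor.open(f, ParcelFileDescriptor.MODE_READ_ONLY);
        } catch (IOException e) {
            throw new FileNotFoundException(uri.toString());
        }
    }
    // The provider exposes files only, so the tabular methods do nothing.
    @Override public Cursor query(Uri u, String[] p, String s, String[] a, String o) { return null; }
    @Override public String getType(Uri u) { return "application/octet-stream"; }
    @Override public Uri insert(Uri u, ContentValues v) { return null; }
    @Override public int delete(Uri u, String s, String[] a) { return 0; }
    @Override public int update(Uri u, ContentValues v, String s, String[] a) { return 0; }
}
```

With this check, a request whose path is `/../../../system/etc/hosts` canonicalizes to a location outside `root` and raises `SecurityException` instead of returning a file descriptor.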
