[Exploit]  [Remote]  [Local]  [Web Apps]  [Dos/Poc]  [Shellcode]  [RSS]

# Title : WirelessFiles v1.1 iPad iPhone - Multiple Vulnerabilities
# Published : 2013-02-07
# Author :
# Previous Title : Netgear SPH200D Multiple Vulnerabilities
# Next Title : IP.Gallery 4.2.x and 5.0.x Persistent XSS Vulnerability


Title:
======
WirelessFiles v1.1 iPad iPhone - Multiple Web Vulnerabilities


Date:
=====
2013-02-06


References:
===========
http://www.vulnerability-lab.com/get_content.php?id=847


VL-ID:
=====
848


Common Vulnerability Scoring System:
====================================
7.5


Introduction:
=============
This application starts a web server on your device and allows downloads and uploads of any files from it using any browser on any 
other computer or device. No cables, drivers or clients are necessary, just a browser.

Right from this application you can send these files to any other application ready to accept this file type. Or, you can send the 
files to Wireless Files for further download to your computer. There is no problems with national file names.
With this program You have web access to photos and videos on your device. Show your photos in a nice Web Album on big screen without 
cables and so on. For that, you need to enter your web-server from any computer using LAN or WWAN address. Just type one of the 
indicated addresses in the address bar of your browser (Internet Explorer, Mozilla Firefox, Safari or any others). Also, you can start 
WirelessFiles on one device, enter the web-server in your browser from another device, and transfer your photos,for example,to the 
first device, and then put them in Camera Roll. (The transfer of photos to and from Camera Roll is available only in iOS 6 and up).
For all this to work, you need to have a working connection to the network where your device is located.

For LAN,It usually works right on the spot, if you have a modem or Wi-Fi router. If you have an AccessPoint (AP) connected to your 
modem or router, you will need to switch the AP to the bridge mode in order to join the local network and Wi-Fi network into one. In 
case you experience problems with connection, contact a specialist C this can be easily adjusted. Its much harder with WWAN. Its a 
network access point provided by your cell network operator. As a rule, you cannot connect your computer to your device using WWAN. 
Still, if Internet access on your computer is provided by the same operator, everything will get connected and running.

The application wouldnt work in the background, so it switches off autoblocking while running. Any unexpected calls will 
interrupt your file transfer. By default, the application allows storing a limited number of files C no more than 3 of them; 
with the size of each not more than 10 MB. But you can remove all these limitations at the minimal price of $0.99 /