Samsung WifiHs20UtilityService Path Traversal

Posted by deepcore on October 28, 2015 – 12:52 pm

A path traversal vulnerability was found in the WifiHs20UtilityService. This service is running on a Samsung S6 Edge device, and may be present on other Samsung device models. WifiHs20UtilityService reads any files placed in /sdcard/Download/cred.zip, and unzips this file into /data/bundle. Directory traversal in the path of the zipped contents allows an attacker to write a controlled file to an arbitrary path as the system user.

This post is under “exploit” and has no respond so far.
If you enjoy this article, make sure you subscribe to my RSS Feed.

Post a reply

You must be logged in to post a comment.

« Samsung SecEmailComposer QUICK_REPLY_BACKGROUND Permission Weakness Joomla 3.44 SQL Injection »

:: Deepquest ::

This site contains information which could be considered illegal in some countries. It is provided here for educational use only and is not intended to be used for illegal activities.

Samsung WifiHs20UtilityService Path Traversal

Post a reply

Tabs Switcher

Categories

Archives

Meta

BLOGROLL