CVE-2014-1827

iThoughtsHD app <4.19 - File Upload

Title source: llm
STIX 2.1

Description

The iThoughtsHD app 4.19 for iOS on iPad devices, when the WiFi Transfer feature is used, allows remote attackers to upload arbitrary files by placing a %00 sequence after a dangerous extension, as demonstrated by a .html%00.txt file.

References (1)

Core 1
Core References
Exploit x_refsource_misc
http://www.madirish.net/559

Scores

EPSS 0.0101
EPSS Percentile 58.9%

Details

CWE
CWE-20
Status published
Products (1)
ithoughts/ithoughtshd 4.19
Published Mar 26, 2014
Tracked Since Feb 18, 2026