Exploitation Summary
EIP tracks 1 public exploit for EIP-2026-101325. PoCs published by Khashayar Fereidani.
AI-analyzed exploit summary This exploit leverages a directory traversal vulnerability in iPhone iFile 2.0 to read arbitrary files from the device. It constructs a URL with traversal sequences to access sensitive files like AddressBook.sqlitedb, Safari data, or /etc/passwd.
Description
iphone ifile 2.0 - Directory Traversal
Exploits (1)
exploitdb
WORKING POC
by Khashayar Fereidani · pythonremotehardware
https://www.exploit-db.com/exploits/16244
This exploit leverages a directory traversal vulnerability in iPhone iFile 2.0 to read arbitrary files from the device. It constructs a URL with traversal sequences to access sensitive files like AddressBook.sqlitedb, Safari data, or /etc/passwd.
Classification
Working Poc 95%
Attack Type
Info Leak
Complexity
Trivial
Reliability
Reliable
Target:
iPhone iFile 2.0
No auth needed
Prerequisites:
Network access to the vulnerable iFile service · iFile 2.0 running on iOS 4.0.1
MITRE ATT&CK
devstral-2 · analyzed Feb 16, 2026
Full analysis →
Details
Status
pre_cve
Tracked Since
Feb 18, 2026