EIP-2026-102201

PRE-CVE

iOS FileApp < 2.0 - Directory Traversal

Title source: legacy

Exploitation Summary

EIP tracks 1 public exploit for EIP-2026-102201. PoCs published by m0ebiusc0de.

AI-analyzed exploit summary This exploit demonstrates a directory traversal vulnerability in FileApp < 2.0 for iOS devices, allowing unauthorized access to sensitive system files (e.g., /etc/passwd) via FTP. It also includes a proof-of-concept for a remote DoS attack.

Description

iOS FileApp < 2.0 - Directory Traversal

Exploits (1)

exploitdb WORKING POC VERIFIED

by m0ebiusc0de · textremoteios

https://www.exploit-db.com/exploits/15186

View Code ZIP pw:eip

This exploit demonstrates a directory traversal vulnerability in FileApp < 2.0 for iOS devices, allowing unauthorized access to sensitive system files (e.g., /etc/passwd) via FTP. It also includes a proof-of-concept for a remote DoS attack.

Classification

Working Poc 95%

Attack Type

Info Leak | Dos

Complexity

Trivial

Reliability

Reliable

Target: FileApp < 2.0 on iPhone, iPod, iPad (jailed)

Auth required

Prerequisites: Network access to the target device's FTP server (port 2121) · Valid FTP credentials

MITRE ATT&CK

T1006 - Direct Volume Access T1499 - Endpoint Denial of Service

devstral-2 · analyzed Feb 16, 2026 Full analysis →

Details

Status pre_cve

Tracked Since Feb 18, 2026