EIP-2026-102305

PRE-CVE

Video WiFi Transfer 1.01 - Directory Traversal

Title source: legacy

Exploitation Summary

EIP tracks 1 public exploit for EIP-2026-102305. PoCs published by Vulnerability-Lab.

AI-analyzed exploit summary The exploit demonstrates a directory traversal vulnerability in Video WiFi Transfer 1.01 iOS app, allowing remote attackers to access sensitive files outside the intended directory via crafted FTP requests. Multiple PoC examples (Perl, HTML, JS) are provided to exploit the flaw.

Description

Video WiFi Transfer 1.01 - Directory Traversal

Exploits (1)

exploitdb WORKING POC

by Vulnerability-Lab · textwebappsios

https://www.exploit-db.com/exploits/34263

View Code ZIP pw:eip

The exploit demonstrates a directory traversal vulnerability in Video WiFi Transfer 1.01 iOS app, allowing remote attackers to access sensitive files outside the intended directory via crafted FTP requests. Multiple PoC examples (Perl, HTML, JS) are provided to exploit the flaw.

Classification

Working Poc 90%

Attack Type

Info Leak

Complexity

Trivial

Reliability

Reliable

Target: BlueFinger Apps Video WiFi Transfer/MP4 Conversion v1.01

No auth needed

Prerequisites: FTP service enabled on the target iOS app · Network access to the device

MITRE ATT&CK

T1006 - Direct Volume Access

devstral-2 · analyzed Feb 16, 2026 Full analysis →

Details

Status pre_cve

Tracked Since Feb 18, 2026