Foxit MobilePDF for Android
The Foxit MobilePDF for Android suffers from a path traversal vulnerability in its WiFi Transfer feature. An attacker can use escape characters in URI(s) that are processed by the WiFI Transfer feature in order to access files in the application's data directory.
Foxit Software has remediated the vulnerability
2017-12-04 - Disclosed the vulnerability details to [email protected] 2017-12-06 - Emailed [email protected] to verify the information had been received 2017-12-06 - Foxit Software responded that the email had been received and the developers were working on a fix 2017-12-12 - Foxit Software confirmed that a fix had been implemented and an update would be available in January 2018 2018-1-08 - Foxit Software published a new security advisory for the affected application
Offensive Minded Security Exploit Development