Security Audit

Our Web Application Pentest ( WAP) attempts to address the Owasp top 10 & SANS top 20 web application vulnerabilities and other exploitable loopholes of your web application . Along with it our WAP team also test web applications for Business logic flaws that can directly or indirectly effect the functioning of application.

Trainings

We are here to help you solve your biggest query- where and how to start? CDI has brought various courses in Ethical Hacking in Chandigarh where all you technology lovers will be given the much needed push to move forward and create a niche for yourself in the field. From Beginner to Expert level we have many kinds of training patterns.

Call Us : +91-771045-0011 | +91-771045-0022

Researchers found Vulnerabilities in “SHAREit” Application!

SHAREit is an application designed by “Lenovo”, using which users can share files and folders over a WiFi network between two smartphones and PCs.It is freely available for Windows and Android smartphones. Researchers of Core Security found several vulnerabilities in this applications,which were related to hard-coded password presence in this application. This hard-coded password controls the sharing process of files between the two devices. These security issues has been fixed by Lenovo now. These vulnerabilties were found in SHAREit's version “3.0.18” for Android and “2.5.1.1” for Windows.

Core Security said,” Lenovo gave a SHAREit named useful application to smartphone users, using which users can share files and folders over a WiFi network very easily. SHAREit creates a network bridge between two smartphones and PCs, during file sharing process. This application is freely available on the App Store of Android and Windows. Our researchers have found several security issues in this application and criminals can exploit these flaws for security byepass and information leak process.”

In SHAREit's Windows version “2.5.1.1” researchers found a vulnerability (CVE-2016-1491), which is related to hard-coded password. Researchers said that when user will exchange files between two devices SHAREit will setup a WiFi hotspot every time. SHAREit uses a very simple password “12345678” to setup this hotspot everytime. It is a very simple password, which could be found by hackers within few seconds.

Also read: Network of NASA has been hacked by Hackers of AnonSec Group!

Another Vulnerability (CVE-2016-1490) has been found by researchers. Lenovo released a security update for its default password “12345678” which is not a proper solution. It allows the hackers to gain the remote access of any device, which is using SHAREit. Due to this flaw hackers can browse the files of any device, when it is connected to WiFi with default password. By sending a HTTP request to server of SHAREit, hacker can browse files but it will not be possible for the hacker to download that files.

The team of Core Security researchers have found many other security issues, which is related to plain text file transfer in both Android and Windows version of SHAREit. Lenovo is still working on these SHAREit security issues. For more details check security reports of Core Security Corelabs.

Source: securityaffairs
Stay connected to your important Windows Applications and software using a cloud desktop by CloudDesktopOnline.com- one of the best DaaS providers . Get excellent support from Apps4Rent.com

Karan Masoun Hey There!!!Thank you for such a great info from your side hope you will bring some of the new and the best info like this. You can check out How to RUN SHAREit APP on Your PC....SHAREit for PC

Jun 6, 2017

Leave a Reply

Name
Email id
Contact No
Comment

See more of Cyber Intelligence by logging in.
Connect with cyber security experts,Discover job opportunities,Online Training, Information Security Advisory and lot more.