
    SHAREit App Bugs Allow Hackers to Gain Full Access to the Device Files

    By Subham Kapiswe, December 3, 2022

    Transferring files over Wi-Fi is far faster than traditional methods such as Bluetooth, thanks to apps like SHAREit and Xender, which have changed file sharing in many ways. We no longer need to wait hours to receive a file. But what would you say if you found that these apps have severe bugs that could compromise your privacy and security?

    According to a recent report by Threatpost, the popular data-sharing app SHAREit has two major flaws that could allow attackers to gain full access to the device files.

    Researchers at Redforce discovered the bugs, which can be used to bypass the app's authentication system and access files, the Facebook token, and cookies.

    The most surprising thing here is that the bugs were found in December 2017 and were officially fixed in 2018. Even though the bugs had a CVSS 3.0 score of 8.2 (high severity), the company decided not to disclose the details of the vulnerabilities, as doing so could have had a huge impact on its user base. “We wanted to give as many people as we can the time to update and patch their devices before making the critical vulnerability common knowledge,” said researcher Abdulrahman Nour.

    The flaws make it easy for attackers on the same Wi-Fi network to check whether the victim's device is running a SHAREit server. They can do this by checking two designated ports: port 55283 and port 2999.

    The researchers also explained that the application uses the two ports for different purposes. Port 55283 is used for device identification, handling file transfer requests, and sending or receiving messages. Port 2999 is the app's HTTP server and is used by clients to download shared files.

    Once the device has been identified, the attackers simply use

    [curl http://shareit_sender_ip:2999/DontExist]

    to send a request that appears to be an attempt to fetch a non-existent page. In reality, they are trying to add themselves to the victim's trusted devices list.

    SHAREit fails to validate the 'msgid' parameter, a unique identifier meant to ensure that file-sharing requests are initiated by the sender. As a result, the application treats the request as an unauthenticated user trying to fetch a non-existent page, yet it adds that user to the list of recognized devices and responds with status code 200.
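
    The fail-open logic described above, next to a fail-closed alternative, as an added example (a simplified model written for this page, not SHAREit's code). The class names, the `offer` helper, the sample file and the 192.0.2.x addresses are assumptions; only the `/DontExist` path, the `msgid` parameter and the 200 response come from the article.

```python
import secrets

class VulnerableServer:
    """Fail-open model of the flaw described above (constructed, not SHAREit code)."""
    def __init__(self, shared):
        self.shared = shared          # path -> file bytes
        self.recognized = set()       # client IPs treated as trusted devices

    def handle(self, client_ip, path, msgid=None):
        if client_ip in self.recognized:
            found = path in self.shared
            return (200, self.shared[path]) if found else (404, b"")
        if path not in self.shared:
            # Flaw: msgid is never checked, and the "page not found" path
            # registers the caller as a recognized device and answers 200.
            self.recognized.add(client_ip)
            return 200, b""
        return 403, b""

class HardenedServer:
    """Fail-closed: trust comes only from a transfer the sender started."""
    def __init__(self, shared):
        self.shared = shared
        self.pending = {}             # msgid -> (receiver_ip, path)

    def offer(self, receiver_ip, path):
        # Called when the sending user picks a file for one receiver.
        msgid = secrets.token_urlsafe(16)   # unguessable, single use
        self.pending[msgid] = (receiver_ip, path)
        return msgid

    def handle(self, client_ip, path, msgid=None):
        if path not in self.shared:
            return 404, b""           # an error path never changes trust state
        if self.pending.get(msgid) != (client_ip, path):
            return 403, b""           # missing, unknown, or mismatched msgid
        del self.pending[msgid]       # reject replays
        return 200, self.shared[path]

def demo():
    files = {"/photo.jpg": b"constructed sample bytes"}
    outsider = "192.0.2.50"           # constructed address (documentation range)
    out = {}
    for name, srv in (("vulnerable", VulnerableServer(files)),
                      ("hardened", HardenedServer(files))):
        probe = srv.handle(outsider, "/DontExist")[0]
        fetch = srv.handle(outsider, "/photo.jpg")[0]
        out[name] = (probe, fetch)
    return out

if __name__ == "__main__":
    print(demo())
```

    In the hardened model a 404 is a pure error response, and a download succeeds only for the receiver and file bound to a `msgid` that the sender issued.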

    This gives attackers an easy way to target more than 500 million SHAREit users worldwide. They could access files, autofill data, hotspot information, and the Amazon Web Services user key, and also download files.

    According to the reports, SHAREit patched the vulnerability in March 2018 but neither assigned a CVE number to the vulnerability nor provided the patched version of the application to the researcher. The company also did not cooperate with the researchers at Redforce, either in discussing the issues or in replying to their messages.
