Submission #818818: iAI Lab PDF AI: Podcast, Notes, Slides Version 4.21.0 (chatpdf.pro) Path Traversal

Title: iAI Lab PDF AI: Podcast, Notes, Slides Version 4.21.0 (chatpdf.pro) Path Traversal
Description: chatpdf.pro accepts file-share intents (ACTION_SEND / ACTION_VIEW) carrying a content:// URI from any other app on the device. When the URI points at an attacker-controlled ContentProvider, the app reads the URI's _display_name metadata column and uses that string verbatim as the destination filename when copying the streamed bytes to disk. Because the value is attacker-controlled and never sanitized, supplying a _display_name containing ../ sequences gives the attacker arbitrary file creation inside the victim app's own private storage, both internal (/data/data/chatpdf.pro/) and external (/sdcard/Android/data/chatpdf.pro/). The trust model is the bug: the app treats _display_name as a safe filename when the documentation explicitly states it is a display string and may contain anything the source provider chooses to return.

A zero-permission attacker app delivers a single intent, and the victim app - running in its own process with its own UID - opens an output stream at the attacker-resolved path and writes the attacker-supplied bytes. All filesystem operations execute inside the victim's security context.

What the primitive yields:

- Arbitrary file creation inside /data/data/chatpdf.pro/ - the victim app's UID-protected internal storage. Every subdirectory is reachable: files/, files/sp/ (MMKV preference stores), databases/, shared_prefs/, code_cache/, plus arbitrary new directories at any depth.
- Arbitrary file creation inside /sdcard/Android/data/chatpdf.pro/ - the victim app's external app-private storage, including getExternalFilesDir(null) and getExternalCacheDir().
- Intermediate directory creation at any depth - the sink calls mkdirs() on the resolved path, so the attacker can plant payloads inside fresh, attacker-named directory trees that did not previously exist.
- Full attacker control over the file's contents via ContentResolver.openInputStream() against the attacker's ContentProvider.

All of this is reachable from any of seven exported <activity-alias> entries in the manifest that accept mimeType="*/*", requiring zero permissions on the attacker app.

https://play.google.com/store/apps/details?id=chatpdf.pro
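The following Android helper is an added illustration for defenders and is not code from the submission, from the linked repository or from the chatpdf.pro app. It contrasts the sink pattern the description names (provider-supplied _display_name used verbatim as a path, followed by mkdirs() and a stream copy) with a hardened import routine: the on-disk filename is generated by the app, _display_name is reduced to a single path component and kept only for showing to the user, and a canonical-path containment check rejects any destination that resolves outside the app's directory. The class name, method names and the fallback file names are assumptions.

```java
import android.content.ContentResolver;
import android.database.Cursor;
import android.net.Uri;
import android.provider.OpenableColumns;

import java.io.File;
import java.io.FileOutputStream;
import java.io.IOException;
import java.io.InputStream;
import java.io.OutputStream;
import java.util.UUID;

// Hypothetical helper (not the chatpdf.pro app's code): shows the unsafe sink
// pattern beside a hardened import of a content:// URI received via an intent.
public final class SharedFileImporter {

    private SharedFileImporter() {}

    /** Reads OpenableColumns.DISPLAY_NAME; the provider may return any string here. */
    static String queryDisplayName(ContentResolver resolver, Uri uri) {
        String[] projection = {OpenableColumns.DISPLAY_NAME};
        try (Cursor c = resolver.query(uri, projection, null, null, null)) {
            if (c != null && c.moveToFirst()) {
                int idx = c.getColumnIndex(OpenableColumns.DISPLAY_NAME);
                if (idx >= 0 && !c.isNull(idx)) {
                    return c.getString(idx);
                }
            }
        }
        return null;
    }

    /**
     * UNSAFE pattern (the bug class the submission describes): the display name is
     * used verbatim below the app-private directory, and mkdirs() creates whatever
     * intermediate directories a name such as "../../shared_prefs/x.xml" resolves to.
     */
    static File copyUnsafe(ContentResolver resolver, Uri uri, File baseDir) throws IOException {
        String name = queryDisplayName(resolver, uri);
        if (name == null) name = "shared.pdf";
        File dest = new File(baseDir, name);   // ".." segments escape baseDir
        dest.getParentFile().mkdirs();          // attacker-named directory trees
        copyStream(resolver, uri, dest);
        return dest;
    }

    /**
     * Hardened variant: the app picks the stored filename itself; the display name
     * is never part of the path. The containment check is defence in depth.
     */
    static File copySafe(ContentResolver resolver, Uri uri, File baseDir) throws IOException {
        File dest = new File(baseDir, UUID.randomUUID().toString() + ".pdf");
        assertInsideBase(baseDir, dest);
        if (!baseDir.isDirectory() && !baseDir.mkdirs()) {
            throw new IOException("cannot create base directory");
        }
        copyStream(resolver, uri, dest);
        return dest;
    }

    /** Reduces a provider-supplied display name to one safe component for UI labels only. */
    static String sanitizeDisplayName(String raw) {
        if (raw == null || raw.isEmpty()) return "document.pdf";
        String name = raw.replace('\\', '/');
        name = name.substring(name.lastIndexOf('/') + 1); // keep only the last segment
        name = name.replace("\0", "");                     // drop NUL bytes
        if (name.isEmpty() || name.equals(".") || name.equals("..")) return "document.pdf";
        return name.length() > 255 ? name.substring(0, 255) : name;
    }

    /** Rejects any destination whose canonical path is not strictly inside baseDir. */
    static void assertInsideBase(File baseDir, File dest) throws IOException {
        String base = baseDir.getCanonicalPath() + File.separator;
        String target = dest.getCanonicalPath();
        if (!target.startsWith(base)) {
            throw new IOException("destination escapes app directory: " + target);
        }
    }

    private static void copyStream(ContentResolver resolver, Uri uri, File dest) throws IOException {
        try (InputStream in = resolver.openInputStream(uri);
             OutputStream out = new FileOutputStream(dest)) {
            if (in == null) throw new IOException("provider returned no stream");
            byte[] buf = new byte[8192];
            int n;
            while ((n = in.read(buf)) != -1) out.write(buf, 0, n);
        }
    }
}
```

The containment check in assertInsideBase works because File.getCanonicalPath() resolves ".." segments and symlinks before the comparison, so a name that lexically looks like a child of the base directory but resolves elsewhere is rejected; the trailing File.separator on the base prevents a sibling directory with a common prefix (for example baseDir plus a suffix) from passing the startsWith test. Generating the filename in copySafe removes the attacker's influence over the path entirely, which is the change that actually closes the bug class; sanitizeDisplayName exists only so the UI can still show a name.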
Source: https://github.com/actuator/chatpdf.pro
User: Actuator (UID 67941)
Submitted: 04/05/2026 13:09 (1 month ago)
Moderated: 05/06/2026 20:37 (1 month later)
Status: accepted
VulDB Entry: 368968 [iAI Lab PDF AI App 4.21.0 on Android chatpdf.pro getExternalCacheDir _display_name directory traversal]
Points: 20
