CVE-2022-50951

6.4 MEDIUM
Cross-Site Scripting

📋 TL;DR

WiFi File Transfer 1.0.8 has a persistent cross-site scripting vulnerability where attackers can inject malicious JavaScript through file and folder names. When users preview infected file paths, the malicious scripts execute in their browsers, potentially stealing session cookies or performing unauthorized actions. This affects all users of WiFi File Transfer 1.0.8 who use the web interface to browse files.

💻 Affected Systems

Products:
  • WiFi File Transfer
Versions: 1.0.8
Operating Systems: Android
Default Config Vulnerable: ⚠️ Yes
Notes: Vulnerability exists in the web server component when file/folder names contain malicious scripts that aren't properly sanitized.

⚠️ Risk & Real-World Impact

🔴

Worst Case

Attackers steal session cookies, hijack user accounts, install malware on devices, or perform unauthorized file operations through the victim's authenticated session.

🟠

Likely Case

Session hijacking leading to unauthorized file access, data theft, or malicious file uploads/downloads through the compromised web interface.

🟢

If Mitigated

Limited impact with proper input validation and output encoding, potentially only affecting file preview functionality without session compromise.

🌐 Internet-Facing: HIGH
🏢 Internal Only: MEDIUM

🎯 Exploit Status

Public PoC: ⚠️ Yes
Weaponized: LIKELY
Unauthenticated Exploit: ⚠️ Yes
Complexity: LOW

Exploitation requires user interaction (previewing infected files) but payload delivery is straightforward through file/folder names.

🛠️ Fix & Mitigation

✅ Official Fix

Patch Version: Unknown

Vendor Advisory: None available

Restart Required: No

Instructions:

No official patch available. Consider alternative file transfer applications with proper security updates.

🔧 Temporary Workarounds

Disable Web Interface

android

Stop using the vulnerable web server component and use alternative file transfer methods

Close WiFi File Transfer app when not in use
Disable web server in app settings if available

Network Segmentation

all

Restrict access to the WiFi File Transfer web interface to trusted networks only

Configure firewall to block external access to port used by app (typically 8080)

🧯 If You Can't Patch

  • Avoid previewing files from untrusted sources in the web interface
  • Use the app only on isolated, trusted networks with no external access

🔍 How to Verify

Check if Vulnerable:

Check app version in Google Play Store or app settings. Version 1.0.8 is vulnerable.

Check Version:

Check app version in Android Settings > Apps > WiFi File Transfer

Verify Fix Applied:

No official fix available. Consider app replacement as verification method.

📡 Detection & Monitoring

Log Indicators:

  • Unusual file/folder names containing script tags or JavaScript code
  • Multiple failed preview attempts
  • Suspicious file operations from unexpected sources

Network Indicators:

  • HTTP requests to file paths containing script tags or encoded JavaScript
  • Unusual traffic patterns to the web server port

SIEM Query:

source="wifi-file-transfer" AND (uri="*<script*" OR uri="*javascript:*" OR uri="*onload=*" OR uri="*onerror=*")

📊 Metadata

CVE ID: CVE-2022-50951
CVSS v3 Score: 6.4 (MEDIUM)
CVSS Vector: CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:L/I:L/A:N
CWE: CWE-79
Published: February 1, 2026
Last Updated: February 4, 2026

🤖 AI-assisted analysis, reviewed for accuracy

🔗 References

📤 Share This