AirDroid 2: Is AirDroid secure?

Sat Apr 27, 2013 8:25 pm in General

page 2 / 2 << 1, 2 >> go to

Notice:
AirDroid forum has stopped maintance, feel free to visit Help Center to submit feedback.

T48P
#11

Title

Do not use web.airdroid.com until they release a statement regarding the .XSS vulnerability.

Here's a post from a year and a half ago from Threat Post: http://threatpost.com/android-airdroid- ... 0813/77707

"According to a warning on the US-CERT’s Vulnerability Notes Database this morning, if an attacker was able to get access to a phone with AirDroid installed, they’d be able to send a malicious text message to the browser associated with the account. Once that message is brought up on the browser, the attacker could execute an XSS attack which in turn could lead to a slew of problems, including information leakage, privilege escalation and denial of service on the compromised machine.

"Apparently the problem is that AirDroid’s web interface, web.airdroid.com, doesn’t properly sanitize the code it’s sent via text messages."

Sounds like I'm using it on my home wifi only. Too bad, I'd love to have the theft-recovery feature of being able to track it if lost.
According
to a warning on the US-CERT’s Vulnerability Notes Database this
morning, if an attacker was able to get access to a phone with AirDroid
installed, they’d be able to send a malicious text message to the
browser associated with the account. Once that message is brought up on
the browser, the attacker could execute an XSS attack which in turn
could lead to a slew of problems, including information leakage,
privilege escalation and denial of service on the compromised machine. -
See more at:
http://threatpost.com/android-airdroid- ... FGJSM.dpuf
T48P

Notice:
AirDroid forum has stopped maintance, feel free to visit Help Center to submit feedback.

sadiee718
#12

Title

Device manager does exceptional job of locating when lost in, say, my house. Can make it ring for 5 minutes and sure to hear.
sadiee718
(Sign in or sign up to post a reply.)
page 2 / 2 << 1, 2 >> go to

Statistics

26319 posts

7493 threads

Members: 191898

Latest Member: wwn

Online: 8