yunuscadirci/XboxOneDirectoryTraversal

XBox One Directory Traversal and Information Exposure

Xbox One OS version 10.0.18363.8119 (19h1_release_xbox_dev_1911.191119-1135) has directory traversal and information exposure vulnerabilities in its File Explorer application.

Note from 2023

This vulnerability was found in late 2019 while working on some protocol vulnerabilities like CallStranger on my old Xbox One. I sent an early report to Microsoft and went on a work trip. When I came back to the research, I saw that the File Explorer application had been removed from Xbox One (https://www.reddit.com/r/xboxone/comments/ebrrf1/working_alternatives_to_xbox_file_explorer/ https://twitter.com/xboxinsider/status/1202357755140546560) and the report was not accepted, with the tag 'non-reproducible' attached. I stopped working on Xbox One after this ridiculous reply from the MS Security team.

Directory Traversal (CWE-22: Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal'))

When we open the File Explorer application on Xbox One, we see 8 empty folders (image001).

As soon as we type `..` in the Search field of the File Explorer application, folders that were not shown before become accessible (image003). The search string is evidently used as a relative path without stripping `..`, so it resolves to the parent of the folder the application is meant to show.

We can browse into these folders (image005, image007).
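To make the failure mode concrete, the following is an added example, not code from this repository and not how the Xbox File Explorer is actually implemented. It models a search box whose input is joined onto the folder being displayed, beside the containment check that would have stopped `..` from walking out of that folder. The layout (`Explorer/Root` holding empty folders, a sibling `EdgeBackups` folder, a file named `backup.edb`) is constructed in a temporary directory for the demonstration.

```python
import os
import tempfile


class TraversalError(ValueError):
    """Raised when a search string would escape the folder the UI is meant to show."""


def resolve_vulnerable(root, search):
    """Model of the flaw: the search string is joined onto the displayed folder
    as a path and whatever it points at is listed, so '..' walks out of root."""
    return os.path.join(root, search)


def resolve_hardened(root, search):
    """Canonicalise both sides, then require the result to stay inside root."""
    root_real = os.path.realpath(root)
    target = os.path.realpath(os.path.join(root_real, search))
    # '..' and symlinks are resolved before the containment check, not after.
    # commonpath() compares whole path components, so a sibling such as
    # 'RootEvil' is rejected where a plain startswith() would let it through.
    if os.path.commonpath([root_real, target]) != root_real:
        raise TraversalError(f"{search!r} escapes {root_real}")
    return target


def list_entries(path):
    return sorted(os.listdir(path))


def build_tree(base):
    """Constructed layout (hypothetical, not the console's real filesystem):
    the explorer is pinned to <base>/Explorer/Root, which holds only empty
    folders, while <base>/Explorer/EdgeBackups sits one level up with data."""
    root = os.path.join(base, "Explorer", "Root")
    for name in ("Documents", "Pictures", "Videos"):
        os.makedirs(os.path.join(root, name))
    backups = os.path.join(base, "Explorer", "EdgeBackups")
    os.makedirs(backups)
    with open(os.path.join(backups, "backup.edb"), "wb") as f:  # constructed file
        f.write(b"placeholder, not a real ESE database")
    return root


def demo(search=".."):
    """Run one search string through both resolvers over the constructed tree."""
    with tempfile.TemporaryDirectory() as base:
        root = build_tree(base)
        visible = list_entries(root)
        leaked = list_entries(resolve_vulnerable(root, search))
        try:
            resolve_hardened(root, search)
            hardened = "allowed"
        except TraversalError:
            hardened = "rejected"
        return {"visible": visible, "vulnerable": leaked, "hardened": hardened}


if __name__ == "__main__":
    print(demo(".."))          # vulnerable path lists the parent: EdgeBackups, Root
    print(demo("Documents"))   # a legitimate search stays inside root
```

With `..` the vulnerable resolver lists the parent folder, exposing `EdgeBackups` next to `Root`, while the hardened resolver rejects the input; a legitimate search such as `Documents` passes both. The check is done on the canonicalised path rather than on the raw string, so encodings or symlinks that only resolve to `..` later are caught as well.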

Information Exposure (CWE-200: Information Exposure)

Anyone with local access to the console's UI and a USB port can copy these Edge backup folders to an external USB drive and analyze them on a computer. They contain standard EDB (ESE database) files and some log files.

EDB Files

The EDB files can be opened easily with NirSoft's ESEDatabaseView (https://www.nirsoft.net/utils/ese_database_view.html) (image010).

Log Files

When we analyzed the log files, we saw the internal directory structure of Edge on Xbox One (image012).
