Rapid7 Vulnerability & Exploit Database

XoloX file sharing application installed

Free InsightVM Trial No credit card necessary
Watch Demo See how it all works
Back to Search

XoloX file sharing application installed



The XoloX file sharing application is installed. XoloX is a peer-to-peer file sharing program that uses the Gnutella protocol.

File sharing programs are a security risk for the following reasons:

  • File sharing programs are often configured to share entire hard drives, which means that sensitive data (including passwords, email, and confidential documents) can be leaked to the outside world.
  • File sharing programs are often used to download additional software that may pose its own security risks (due to viruses and trojan horses). Many file sharing applications install additional "promotional" 3rd-party software that monitors users' actions (so-called "spyware").
  • File sharing programs are often used to share or obtain copyrighted material. This can expose you to legal action.
  • There have widespread incidents involving file sharing programs rigged with trojan horses which allow any remote user complete control of the infected computer.

XoloX is particularly dangerous because it searches the entire hard drive for files to share. XoloX can also be configured to use a web proxy. The username and password for the web proxy are stored in cleartext in the registry (for anyone to read).

In addition to these security risks, peer-to-peer programs can use an inordinate amount of bandwith, degrading network services.


  • windows-xolox-installed

With Rapid7 live dashboards, I have a clear view of all the assets on my network, which ones can be exploited, and what I need to do in order to reduce the risk in my environment in real-time. No other tool gives us that kind of value and insight.

– Scott Cheney, Manager of Information Security, Sierra View Medical Center