* WiFi Photo & Video Access 1.0.10
WiFi Photo & Video Access contains a flaw in the Index Toolbar module that may allow a local attacker to execute arbitrary commands. The issue is triggered when the device name is changed to a system-specific command or request, which causes that command to be executed on the device.
The local command injection web vulnerability can be exploited by remote attackers without an application user account and without user interaction. For demonstration or to reproduce ...
Manual steps to reproduce ... Command Inject via Album Foldername
1. Install the application from iTunes or the Apple App Store
2. Start the application on your iPad or iPhone
3. Open the settings menu of iOS and switch to the name of your iOS device
4. Change the device name to your own malicious string for later execution of the command/path injection
5. Open the localhost web-server of the wireless application and refresh the index listing
6. The main index toolbar will execute the device name context without secure encoding
7. Successfully reproduced!
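
Step 6 comes down to the device name reaching the index page without output encoding. The following is an added example, not code from the application or the advisory: it places an unencoded toolbar render beside an encoded one and adds a regression check that flags a page reflecting the device name verbatim. All function names, the toolbar markup and the sample device name are assumptions constructed for illustration.

```javascript
// Added example: names and markup below are hypothetical, not taken from the app.

// Characters that change meaning inside HTML text or a quoted attribute.
const HTML_ESCAPES = { '&': '&amp;', '<': '&lt;', '>': '&gt;', '"': '&quot;', "'": '&#39;' };

function escapeHtml(value) {
  return String(value).replace(/[&<>"']/g, (ch) => HTML_ESCAPES[ch]);
}

// Pattern described in the advisory: the device name is concatenated as-is.
function renderToolbarUnsafe(deviceName) {
  return '<div id="toolbar"><span class="device">' + deviceName + '</span></div>';
}

// Hardened form: the device name is encoded at the point of output.
function renderToolbar(deviceName) {
  return '<div id="toolbar"><span class="device">' + escapeHtml(deviceName) + '</span></div>';
}

// Regression check: true when a name containing markup-significant characters
// appears byte-for-byte in the generated page, i.e. it was not encoded.
function reflectsUnencoded(html, deviceName) {
  const hasMarkupChars = /[&<>"']/.test(deviceName);
  return hasMarkupChars && html.includes(deviceName);
}

// Constructed sample device name containing markup-significant characters.
const SAMPLE_NAME = '<b>Lab iPad</b> & "Test"';

function demo() {
  return {
    unsafe: reflectsUnencoded(renderToolbarUnsafe(SAMPLE_NAME), SAMPLE_NAME),
    hardened: reflectsUnencoded(renderToolbar(SAMPLE_NAME), SAMPLE_NAME),
  };
}

console.log(demo());
```

The same check can be run against the page a real build serves: set a device name containing markup characters, fetch the index listing, and pass the response body to reflectsUnencoded.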