This advisory details a local file include vulnerability in PhotoSync Wifi & Bluetooth v1.0, where the `filename` parameter in the `upload` module can be manipulated to include local files. The vulnerability is exploited via POST requests to the local web interface, allowing unauthorized file inclusion in the image directory listing.
Classification
Writeup 90%
Target:
PhotoSync Wifi & Bluetooth iOS Mobile Web Application v1.0
No auth needed
Prerequisites:
Access to the local network where the PhotoSync service is running · Ability to send POST requests to the local web interface