This advisory details a code execution vulnerability in WebDisk+ v2.1 iOS, where the `name` input field in the upload module (`afupload.ma`) allows remote attackers to execute arbitrary code via manipulated GET requests. The vulnerability is triggered through the `p` and `filename` parameters, with execution occurring in the `afgetdir.ma` file.
Target:
WebDisk+ v2.1 iOS
No auth needed
Prerequisites:
Network access to the vulnerable WebDisk+ application · Ability to send crafted HTTP requests
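
For defenders, one way to hunt for the request pattern summarized above is to scan access logs for GET requests to `afupload.ma` whose `p` or `filename` values fall outside a conservative allowlist. This is an added example, not code from the advisory or the vendor. The log format, the allowlist character set and the sample lines are assumptions, since the summary does not describe the payload form.

```python
import re
from urllib.parse import urlsplit, parse_qs

# Endpoint and parameter names come from the advisory summary.
ENDPOINT = "afupload.ma"
PARAMS = ("p", "filename")

# Assumption: legitimate path and file names stay within this character set.
SAFE_VALUE = re.compile(r"[\w ./()\-]*")

# Assumption: access logs use Common Log Format with a quoted request line.
REQUEST = re.compile(r'"(?P<method>[A-Z]+) (?P<target>\S+) HTTP/[\d.]+"')


def suspicious_params(log_line):
    """Return [(param, decoded_value), ...] failing the allowlist, else []."""
    m = REQUEST.search(log_line)
    if not m or m.group("method") != "GET":
        return []
    url = urlsplit(m.group("target"))
    if not url.path.endswith("/" + ENDPOINT):
        return []
    # parse_qs percent-decodes values, so encoded input is checked decoded.
    query = parse_qs(url.query, keep_blank_values=True)
    hits = []
    for name in PARAMS:
        for value in query.get(name, []):
            if not SAFE_VALUE.fullmatch(value):
                hits.append((name, value))
    return hits


# Constructed sample lines (not taken from the advisory or a real device).
SAMPLE_LOG = [
    '192.0.2.10 - - [01/Jan/2024:10:00:00 +0000] '
    '"GET /afupload.ma?p=/Documents&filename=notes.txt HTTP/1.1" 200 512',
    '192.0.2.44 - - [01/Jan/2024:10:00:05 +0000] '
    '"GET /afupload.ma?p=/Documents&filename=report%3C1%3E.txt HTTP/1.1" 200 512',
    '192.0.2.44 - - [01/Jan/2024:10:00:09 +0000] '
    '"GET /afgetdir.ma?p=/Documents HTTP/1.1" 200 2048',
]

if __name__ == "__main__":
    for line in SAMPLE_LOG:
        for name, value in suspicious_params(line):
            print(f"flag {name}={value!r} from {line.split()[0]}")
```

A hit is a lead for review rather than proof of exploitation; tune the allowlist to the file names actually used on the device.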