EIP-2026-102321

PRE-CVE

WK UDID 1.0.1 iOS - Command Injection

Title source: legacy

Exploitation Summary

EIP tracks 1 public exploit for EIP-2026-102321. PoCs published by Vulnerability-Lab.

AI-analyzed exploit summary This is a vulnerability writeup describing a local command injection vulnerability in the WK UDID v1.0.1 iOS app. The vulnerability allows manipulation of the device name value to inject malicious script codes into the mail function.

Description

WK UDID 1.0.1 iOS - Command Injection

Exploits (1)

exploitdb WRITEUP

by Vulnerability-Lab · textwebappsios

https://www.exploit-db.com/exploits/37492

View Code ZIP pw:eip

This is a vulnerability writeup describing a local command injection vulnerability in the WK UDID v1.0.1 iOS app. The vulnerability allows manipulation of the device name value to inject malicious script codes into the mail function.

Classification

Writeup 90%

Attack Type

Other

Complexity

Trivial

Reliability

Theoretical

Target: WK UDID - iOS Mobile Web Application 1.0.1

Auth required

Prerequisites: Local access to the iOS device · Ability to modify device name settings

MITRE ATT&CK

T1059 - Command and Scripting Interpreter

devstral-2 · analyzed Feb 16, 2026 Full analysis →

Details

Status pre_cve

Tracked Since Feb 18, 2026