EIP-2026-103763

PRE-CVE

Air Gallery 1.0 Air Photo Browser - Multiple Vulnerabilities

Title source: legacy
STIX 2.1

Exploitation Summary

EIP tracks 1 public exploit for EIP-2026-103763. PoCs published by Vulnerability-Lab.

AI-analyzed exploit summary This document describes multiple local command/path injection vulnerabilities in Air Gallery 1.0 Air Photo Browser for iOS. The vulnerabilities allow attackers to inject malicious commands via the `devicename` and `album name` parameters, leading to unauthorized command execution or path requests.

Description

Air Gallery 1.0 Air Photo Browser - Multiple Vulnerabilities

Exploits (1)

exploitdb WRITEUP
by Vulnerability-Lab · textlocalmultiple
https://www.exploit-db.com/exploits/30183

This document describes multiple local command/path injection vulnerabilities in Air Gallery 1.0 Air Photo Browser for iOS. The vulnerabilities allow attackers to inject malicious commands via the `devicename` and `album name` parameters, leading to unauthorized command execution or path requests.

Classification
Writeup 90%
Attack Type
Rce
Complexity
Trivial
Reliability
Reliable
Target: Air Gallery - Air Photo Browser iOS 1.0
No auth needed
Prerequisites: Local access to the iOS device · Vulnerable application installed
devstral-2 · analyzed Feb 16, 2026 Full analysis →

Details

Status pre_cve
Tracked Since Feb 18, 2026