CVE-2004-2326

IP3 Networks NetAccess Appliance <3.1.18b13 - SQL Injection

Title source: llm
STIX 2.1

Exploitation Summary

EIP tracks 1 public exploit for CVE-2004-2326. PoCs published by Syam Yanuar.

AI-analyzed exploit summary The provided text describes a SQL injection vulnerability in the IP3 NetAccess Appliance, where unsanitized input in the login interface allows attackers to bypass authentication. The example payloads ('or''=') are generic SQLi strings, but no functional exploit code is included.

Description

SQL injection vulnerability in IP3 Networks NetAccess Appliance before firmware 3.1.18b13 allows remote attackers to bypass authentication via the (1) login or (2) password. NOTE: this issue was later reported to also affect firmware 4.0.34.

Exploits (1)

exploitdb WRITEUP VERIFIED
by Syam Yanuar · textremotehardware
https://www.exploit-db.com/exploits/23808

The provided text describes a SQL injection vulnerability in the IP3 NetAccess Appliance, where unsanitized input in the login interface allows attackers to bypass authentication. The example payloads ('or''=') are generic SQLi strings, but no functional exploit code is included.

Classification
Writeup 90%
Attack Type
Sqli
Complexity
Trivial
Reliability
Theoretical
Target: IP3 NetAccess Appliance
No auth needed
Prerequisites: Network access to the appliance's login interface
mistral-large-3 · analyzed Feb 16, 2026 Full analysis →

References (3)

Core 3
Core References
Third Party Advisory, VDB Entry vdb-entry x_refsource_xf
https://exchange.xforce.ibmcloud.com/vulnerabilities/26106
Exploit, Patch vdb-entry x_refsource_bid
http://www.securityfocus.com/bid/9858
Third Party Advisory, VDB Entry mailing-list x_refsource_bugtraq
http://www.securityfocus.com/archive/1/432007/100/0/threaded

Scores

EPSS 0.0136
EPSS Percentile 68.5%

Details

Status published
Products (3)
ip3_networks/ip3_netaccess
ip3_networks/ip3_netaccess_-_hospitality
ip3_networks/ip3_netaccess_-_wireless_hotspots
Published Dec 31, 2004
Tracked Since Feb 18, 2026