CVE-2016-1328

HIGH

Cisco EPC3928 Firmware - Denial of Service via Long h_sortWireless Parameter

Title source: llm
STIX 2.1

Exploitation Summary

EIP tracks 1 public exploit for CVE-2016-1328. PoCs published by Patryk Bogdan.

AI-analyzed exploit summary This PoC demonstrates multiple vulnerabilities in Cisco EPC3928, including unauthorized command execution, XSS (stored and reflective), DoS, and information disclosure. It provides HTTP requests to exploit these flaws, confirming their validity.

Description

goform/WClientMACList on Cisco EPC3928 devices allows remote attackers to cause a denial of service (device crash) via a long h_sortWireless parameter, related to a "Gateway Client List Denial of Service" issue, aka Bug ID CSCux24948.

Exploits (1)

exploitdb WORKING POC
by Patryk Bogdan · textwebappsasp
https://www.exploit-db.com/exploits/39904

This PoC demonstrates multiple vulnerabilities in Cisco EPC3928, including unauthorized command execution, XSS (stored and reflective), DoS, and information disclosure. It provides HTTP requests to exploit these flaws, confirming their validity.

Classification
Working Poc 95%
Attack Type
Xss | Dos | Info Leak | Auth Bypass
Complexity
Trivial
Reliability
Reliable
Target: Cisco Model EPC3928 DOCSIS 3.0 8x4 Wireless Residential Gateway
No auth needed
Prerequisites: Network access to the vulnerable device
devstral-2 · analyzed Feb 16, 2026 Full analysis →

References (4)

Core 4
Core References
Third Party Advisory, VDB Entry mailing-list x_refsource_bugtraq
http://www.securityfocus.com/archive/1/538627/100/0/threaded
Third Party Advisory, VDB Entry vdb-entry x_refsource_bid
http://www.securityfocus.com/bid/91547
Exploit, Third Party Advisory exploit x_refsource_exploit-db
https://www.exploit-db.com/exploits/39904/

Scores

CVSS v3 7.5
EPSS 0.0930
EPSS Percentile 94.7%
Attack Vector NETWORK
CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

Details

CWE
CWE-20
Status published
Products (1)
cisco/epc3928_firmware
Published Jul 03, 2016
Tracked Since Feb 18, 2026