CVE-2016-15056

HIGH

Ubee EVW3226 <1.0.20 - Info Disclosure

Title source: llm

Exploitation Summary

EIP tracks 1 public exploit for CVE-2016-15056. PoCs published by Gergely Eberhardt.

AI-analyzed exploit summary This PoC demonstrates multiple vulnerabilities in Ubee EVW3226 modem/router, including authentication bypass, local file inclusion, backup file disclosure, and arbitrary code execution via configuration file manipulation and buffer overflows.

Description

Ubee EVW3226 cable modem/routers firmware versions up to and including 1.0.20 store configuration backup files in the web root after they are generated for download. These backup files remain accessible without authentication until the next reboot. A remote attacker on the local network can request 'Configuration_file.cfg' directly to obtain the backup archive. Because backup files are not encrypted, they expose sensitive information including the plaintext admin password, allowing full compromise of the device.

Exploits (1)

exploitdb WORKING POC

by Gergely Eberhardt · pythonwebappscgi

https://www.exploit-db.com/exploits/40156

View Code ZIP pw:eip

This PoC demonstrates multiple vulnerabilities in Ubee EVW3226 modem/router, including authentication bypass, local file inclusion, backup file disclosure, and arbitrary code execution via configuration file manipulation and buffer overflows.

Classification

Working Poc 95%

Attack Type

Rce | Auth Bypass | Info Leak

Complexity

Moderate

Reliability

Reliable

Target: Ubee EVW3226 firmware 1.0.20

No auth needed

Prerequisites: Network access to the target device · Knowledge of the device's IP address

MITRE ATT&CK

T1190 - Exploit Public-Facing Application T1068 - Exploitation for Privilege Escalation T1210 - Exploitation of Remote Services

devstral-2 · analyzed Feb 16, 2026 Full analysis →

References (5)

Core 5

Core References

Mailing List exploit

https://seclists.org/fulldisclosure/2016/Jul/66

Various Sources technical-description exploit

https://web.archive.org/web/20160726145043/http://www.search-lab.hu/advisories/122-ubee-evw3226-modem-router-multiple-vulnerabilities

Various Sources product

https://web.archive.org/web/20160403014231/http://www.ubeeinteractive.com/products/cable/evw3226

Exploit, Third Party Advisory exploit

https://www.exploit-db.com/exploits/40156

Third Party Advisory third-party-advisory

https://www.vulncheck.com/advisories/ubee-evw3226-unauthenticated-backup-file-disclosure

Scores

CVSS v4 8.7

EPSS 0.0057

EPSS Percentile 42.3%

CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N

CISA SSVC

Vulnrichment

Exploitation poc

Automatable yes

Technical Impact partial

Details

CWE

CWE-538

Status published

Products (1)

Ubee Interactive/Ubee EVW3226 < 1.0.20

Published Nov 14, 2025

Tracked Since Feb 18, 2026