CVE-2018-10123

HIGH

p910nd - Inteno IOPSYS 2.0-4.2.0 - Info Disclosure

Title source: llm
STIX 2.1

Exploitation Summary

EIP tracks 1 public exploit for CVE-2018-10123. PoCs published by neonsea.

AI-analyzed exploit summary This exploit leverages CVE-2018-10123 to achieve remote code execution by modifying the p910nd configuration to write an SSH key to the authorized_keys file, allowing root access. It authenticates via Ubus JSON-RPC and manipulates the configuration to enable arbitrary file writes.

Description

p910nd on Inteno IOPSYS 2.0 through 4.2.0 allows remote attackers to read, or append data to, arbitrary files via requests on TCP port 9100.

Exploits (1)

exploitdb WORKING POC
by neonsea · pythonremotehardware
https://www.exploit-db.com/exploits/44635

This exploit leverages CVE-2018-10123 to achieve remote code execution by modifying the p910nd configuration to write an SSH key to the authorized_keys file, allowing root access. It authenticates via Ubus JSON-RPC and manipulates the configuration to enable arbitrary file writes.

Classification
Working Poc 95%
Attack Type
Rce
Complexity
Moderate
Reliability
Reliable
Target: LEDE Project (OpenWrt) with p910nd service
Auth required
Prerequisites: Authenticated access to the Ubus interface · p910nd service enabled or configurable · Network access to the target device
devstral-2 · analyzed Feb 16, 2026 Full analysis →

References (2)

Core 2
Core References
Exploit, Third Party Advisory x_refsource_misc
https://neonsea.uk/blog/2018/04/15/pwn910nd.html
Exploit, Third Party Advisory, VDB Entry exploit x_refsource_exploit-db
https://www.exploit-db.com/exploits/44635/

Scores

CVSS v3 8.8
EPSS 0.1089
EPSS Percentile 95.3%
Attack Vector NETWORK
CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

Details

Status published
Products (1)
intenogroup/iopsys_firmware 2.0 - 4.2.0
Published May 16, 2018
Tracked Since Feb 18, 2026