CVE-2018-10286

HIGH

Ericsson-LG iPECS NMS A.1Ac - Info Disclosure

Title source: llm
STIX 2.1

Exploitation Summary

EIP tracks 1 public exploit for CVE-2018-10286. PoCs published by Berk Cem Göksel.

AI-analyzed exploit summary This exploit leverages SQL injection (CVE-2018-9245) and incorrect access control (CVE-2018-10285) to dump cleartext database and NMS credentials from Ericsson-LG iPECS NMS. It first bypasses authentication via SQLi, then extracts database credentials, and finally retrieves admin credentials for the NMS.

Description

The Ericsson-LG iPECS NMS A.1Ac web application discloses sensitive information such as the NMS admin credentials and the PostgreSQL database credentials to logged-in users via the responses to certain HTTP POST requests. In order to be able to see the credentials in cleartext, an attacker needs to be authenticated.

Exploits (1)

exploitdb WORKING POC
by Berk Cem Göksel · pythonwebappsphp
https://www.exploit-db.com/exploits/44515

This exploit leverages SQL injection (CVE-2018-9245) and incorrect access control (CVE-2018-10285) to dump cleartext database and NMS credentials from Ericsson-LG iPECS NMS. It first bypasses authentication via SQLi, then extracts database credentials, and finally retrieves admin credentials for the NMS.

Classification
Working Poc 95%
Attack Type
Sqli | Auth Bypass | Info Leak
Complexity
Moderate
Reliability
Reliable
Target: Ericsson-LG iPECS NMS A.1Ac and possibly earlier
No auth needed
Prerequisites: Network access to the target system · Target system running vulnerable iPECS NMS version
devstral-2 · analyzed Feb 16, 2026 Full analysis →

References (2)

Core 2
Core References
Third Party Advisory, VDB Entry exploit x_refsource_exploit-db
https://www.exploit-db.com/exploits/44515/

Scores

CVSS v3 8.8
EPSS 0.0673
EPSS Percentile 93.1%
Attack Vector NETWORK
CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

Details

CWE
CWE-522
Status published
Products (1)
ericssonlg/ipecs_nms a.1ac
Published Apr 22, 2018
Tracked Since Feb 18, 2026