CVE-2023-26609

HIGH EXPLOITED

ABUS TVIP 20000-21150 Firmware - Remote Code Execution via Wireless MFT AP Field

Title source: llm

Exploitation Summary

CVE-2023-26609 has been observed exploited in the wild (reported by VulnCheck KEV). EIP tracks 2 public exploits from researchers including [email protected], D1G17.

AI-analyzed exploit summary This exploit demonstrates Local File Inclusion (LFI) and Remote Code Execution (RCE) vulnerabilities in ABUS Security Camera TVIP 20000-21150. It leverages command injection via a CGI endpoint to achieve root-level RCE and establishes persistent SSH access using dropbear.

Description

ABUS TVIP 20000-21150 devices allows remote attackers to execute arbitrary code via shell metacharacters in the /cgi-bin/mft/wireless_mft ap field.

Exploits (2)

exploitdb WORKING POC

by [email protected] · textremotehardware

https://www.exploit-db.com/exploits/51294

View Code ZIP pw:eip

This exploit demonstrates Local File Inclusion (LFI) and Remote Code Execution (RCE) vulnerabilities in ABUS Security Camera TVIP 20000-21150. It leverages command injection via a CGI endpoint to achieve root-level RCE and establishes persistent SSH access using dropbear.

Classification

Working Poc 100%

Attack Type

Rce | Info Leak

Complexity

Moderate

Reliability

Reliable

Target: ABUS Security Camera TVIP 20000-21150

Auth required

Prerequisites: Network access to the target device · Valid credentials (admin:admin or manufacture:erutcafunam)

MITRE ATT&CK

T1190 - Exploit Public-Facing Application T1210 - Exploitation of Remote Services T1068 - Exploitation for Privilege Escalation

devstral-2 · analyzed Feb 16, 2026 Full analysis →

nomisec STUB

by D1G17 · remote

https://github.com/D1G17/CVE-2023-26609

View Code ZIP pw:eip

The repository contains only a README with a disclaimer and no exploit code or technical details. It lacks any functional PoC, analysis, or meaningful content related to CVE-2023-26609.

Classification

Stub 90%

Attack Type

Other

Complexity

Trivial

Reliability

Theoretical

Target: unknown

No auth needed

devstral-2 · analyzed Feb 18, 2026 Full analysis →

References (3)

Core 3

Core References

Exploit, Third Party Advisory, VDB Entry

http://packetstormsecurity.com/files/171136/ABUS-Security-Camera-TVIP-20000-21150-LFI-Remote-Code-Execution.html

Exploit, Third Party Advisory

https://nwsec.de/NWSSA-001-2023.txt

Exploit, Mailing List, Third Party Advisory mailing-list

http://seclists.org/fulldisclosure/2023/Feb/16

Scores

CVSS v3 7.2

EPSS 0.3872

EPSS Percentile 98.4%

Attack Vector NETWORK

CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H

CISA SSVC

Vulnrichment

Exploitation poc

Automatable no

Technical Impact total

Details

VulnCheck KEV 2015-07-12

Status published

Products (1)

abus/tvip_20000-21150_firmware

Published Feb 27, 2023

Tracked Since Feb 18, 2026