CVE-2026-2249

CRITICAL

METIS DFS <oscore 2.1.234-r18 - RCE

Title source: llm

Exploitation Summary

EIP tracks 1 public exploit for CVE-2026-2249. PoCs published by XiaomingX.

AI-analyzed exploit summary The repository claims to provide a PoC for CVE-2026-2249 but lacks actual exploit code, instead redirecting users to an external link (tinyurl.com). The README contains vague descriptions and no technical details about the vulnerability.

Description

METIS DFS devices (versions <= oscore 2.1.234-r18) expose a web-based shell at the /console endpoint that does not require authentication. Accessing this endpoint allows a remote attacker to execute arbitrary operating system commands with 'daemon' privileges. This results in the compromise of the software, granting unauthorized access to modify configuration, read and alter sensitive data, or disrupt services.

Exploits (1)

github SUSPICIOUS 10 stars

by XiaomingX · pythonpoc

https://github.com/XiaomingX/data-cve-poc-py-v1/tree/main/2026/CVE-2026-2249

View Code ZIP pw:eip

The repository claims to provide a PoC for CVE-2026-2249 but lacks actual exploit code, instead redirecting users to an external link (tinyurl.com). The README contains vague descriptions and no technical details about the vulnerability.

Classification

Suspicious 90%

Attack Type

Rce

Complexity

Theoretical

Reliability

Theoretical

Target: METIS DFS devices (oscore <= 2.1.234-r18)

No auth needed

Prerequisites: Python 3.8+ · requests library · argparse library

MITRE ATT&CK

T1190 - Exploit Public-Facing Application T1059 - Command and Scripting Interpreter T1203 - Exploitation for Client Execution

devstral-2 · analyzed Feb 27, 2026 Full analysis →

References (2)

Core 2

Core References

Various Sources x_vendor-website

https://www.metis.tech/

Various Sources technical-description

https://cydome.io/vulnerability-advisory-cve-2026-2249-unauthenticated-rce-in-metis-data-fusion-server-dfs

Scores

CVSS v3 9.8

EPSS 0.0035

EPSS Percentile 58.1%

Attack Vector NETWORK

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

CISA SSVC

Vulnrichment

Exploitation none

Automatable yes

Technical Impact total

Details

CWE

CWE-287 CWE-306

Status published

Products (2)

METIS Cyberspace Technology SA/METIS DFS oscore 2.1.234-r18

METIS Cyberspace Technology SA/METIS DFS oscore 2.1.235-r19

Published Feb 11, 2026

Tracked Since Feb 18, 2026