CVE-2026-27778

HIGH

ePower epower.ie - Denial of Service via WebSocket Authentication Request Flood

Title source: llm

Exploitation Summary

EIP tracks 2 public exploits for CVE-2026-27778. PoCs published by adminlove520, KimJ6.

Description

The WebSocket Application Programming Interface lacks restrictions on the number of authentication requests. This absence of rate limiting may allow an attacker to conduct denial-of-service attacks by suppressing or mis-routing legitimate charger telemetry, or conduct brute-force attacks to gain unauthorized access.

Exploits (2)

GitHub · WORKING POC · 4 stars
by adminlove520 · python · poc
https://github.com/adminlove520/CVE-Poc_All_in_One/tree/main/2026/CVE-2026-27778

This repository contains a functional proof-of-concept for CVE-2026-27778, demonstrating an authentication bypass vulnerability (CWE-307) via brute-force attacks on a WebSocket-based authentication system. It includes both an attack script and a server simulator to analyze the vulnerability.

Classification: Working PoC (95%)
Attack Type: Auth Bypass
Complexity: Moderate
Reliability: Reliable
Target: WebSocket-based authentication systems (generic)
No auth needed
Prerequisites: WebSocket endpoint accessible · No rate-limiting or brute-force protection
devstral-2 · analyzed May 24, 2026

nomisec · WORKING POC
by KimJ6 · poc
https://github.com/KimJ6/PoC-Simulator_CVE-2026-27778

This repository contains a functional proof-of-concept for CVE-2026-27778, demonstrating a brute-force attack (CWE-307) against a WebSocket-based authentication system. The exploit simulates rapid authentication attempts to bypass rate-limiting mechanisms.

Classification: Working PoC (90%)
Attack Type: Auth Bypass
Complexity: Moderate
Reliability: Reliable
Target: WebSocket-based authentication server (version unspecified)
No auth needed
Prerequisites: WebSocket connection to target server · knowledge of authentication request format
devstral-2 · analyzed May 04, 2026

Scores

CVSS v3: 7.5
EPSS: 0.0060
EPSS Percentile: 43.9%
Attack Vector: NETWORK
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

CISA SSVC

Vulnrichment
Exploitation: none
Automatable: yes
Technical Impact: partial

Details

CWE: CWE-307
Status: published
Products (2)
epower/epower.ie
ePower/epower.ie: All versions
Published: Mar 06, 2026
Tracked Since: Mar 06, 2026