EIP-2026-100199

PRE-CVE

Cisco EPC 3925 - Multiple Vulnerabilities

Title source: legacy

Exploitation Summary

EIP tracks 1 public exploit for EIP-2026-100199. PoCs published by Patryk Bogdan.

AI-analyzed exploit summary This exploit demonstrates multiple vulnerabilities in Cisco EPC 3925, including HTTP response injection, DoS via cookie manipulation, CSRF, and stored XSS. The PoC provides detailed HTTP requests and responses to trigger these vulnerabilities.

Description

Cisco EPC 3925 - Multiple Vulnerabilities

Exploits (1)

exploitdb WORKING POC

by Patryk Bogdan · textwebappsasp

https://www.exploit-db.com/exploits/40383

View Code ZIP pw:eip

This exploit demonstrates multiple vulnerabilities in Cisco EPC 3925, including HTTP response injection, DoS via cookie manipulation, CSRF, and stored XSS. The PoC provides detailed HTTP requests and responses to trigger these vulnerabilities.

Classification

Working Poc 95%

Attack Type

Dos | Xss | Csrf | Auth Bypass

Complexity

Trivial

Reliability

Reliable

Target: Cisco EPC3925 (EuroDocsis 3.0 2-PORT Voice Gateway)

No auth needed

Prerequisites: Network access to the target device · Ability to send crafted HTTP requests

MITRE ATT&CK

T1189 - Drive-by Compromise T1059 - Command and Scripting Interpreter T1190 - Exploit Public-Facing Application

devstral-2 · analyzed Feb 16, 2026 Full analysis →

Details

Status pre_cve

Tracked Since Feb 18, 2026