EIP-2026-100891

PRE-CVE

SIEMENS IP Cameras (Multiple Models) - Credential Disclosure / Configuration Download

Title source: legacy

Exploitation Summary

EIP tracks 1 public exploit for EIP-2026-100891. PoCs published by Todor Donev.

AI-analyzed exploit summary This exploit demonstrates an authentication bypass vulnerability in multiple Siemens IP cameras by accessing sensitive configuration files via unauthenticated HTTP requests. The PoC provides direct URLs to download configuration files without authentication.

Description

SIEMENS IP Cameras (Multiple Models) - Credential Disclosure / Configuration Download

Exploits (1)

exploitdb WORKING POC VERIFIED

by Todor Donev · textwebappscgi

https://www.exploit-db.com/exploits/40262

View Code ZIP pw:eip

This exploit demonstrates an authentication bypass vulnerability in multiple Siemens IP cameras by accessing sensitive configuration files via unauthenticated HTTP requests. The PoC provides direct URLs to download configuration files without authentication.

Classification

Working Poc 90%

Attack Type

Auth Bypass

Complexity

Trivial

Reliability

Reliable

Target: SIEMENS IP Camera (multiple models, various firmware versions)

No auth needed

Prerequisites: Network access to the target camera · Knowledge of the target camera's IP address

MITRE ATT&CK

T1190 - Exploit Public-Facing Application

devstral-2 · analyzed Feb 16, 2026 Full analysis →

Details

Status pre_cve

Tracked Since Feb 18, 2026