EIP-2026-100945

PRE-CVE

Zen Load Balancer 3.10.1 - Remote Code Execution

Title source: legacy

Exploitation Summary

EIP tracks 1 public exploit for EIP-2026-100945. PoCs published by Cody Sixteen.

AI-analyzed exploit summary This exploit targets Zen Load Balancer 3.10.1 by leveraging command injection in the certificate generation form to achieve remote code execution. It authenticates with default credentials, then injects a reverse shell payload via the 'cert_organization' parameter.

Description

Zen Load Balancer 3.10.1 - Remote Code Execution

Exploits (1)

exploitdb WORKING POC

by Cody Sixteen · pythonwebappscgi

https://www.exploit-db.com/exploits/48266

View Code ZIP pw:eip

This exploit targets Zen Load Balancer 3.10.1 by leveraging command injection in the certificate generation form to achieve remote code execution. It authenticates with default credentials, then injects a reverse shell payload via the 'cert_organization' parameter.

Classification

Working Poc 95%

Attack Type

Rce

Complexity

Moderate

Reliability

Reliable

Target: Zen Load Balancer 3.10.1

Auth required

Prerequisites: Network access to target · Default or weak credentials · Port 444 accessible

MITRE ATT&CK

T1190 - Exploit Public-Facing Application T1059 - Command and Scripting Interpreter

devstral-2 · analyzed Feb 16, 2026 Full analysis →

Details

Status pre_cve

Tracked Since Feb 18, 2026