EIP-2026-100975

PRE-CVE

3Com OfficeConnect Routers - 'Content-Type' Denial of Service

Title source: legacy

Exploitation Summary

EIP tracks 1 public exploit for EIP-2026-100975. PoCs published by Alberto Ortega.

AI-analyzed exploit summary This Ruby script exploits a Denial of Service (DoS) vulnerability in 3Com OfficeConnect ADSL Wireless 11g Firewall Router by sending a malformed HTTP request with an excessively long Content-Type header. The exploit triggers a crash in the router's HTTP service, rendering it unresponsive.

Description

3Com OfficeConnect Routers - 'Content-Type' Denial of Service

Exploits (1)

exploitdb WORKING POC

by Alberto Ortega · rubydoshardware

https://www.exploit-db.com/exploits/10580

View Code ZIP pw:eip

This Ruby script exploits a Denial of Service (DoS) vulnerability in 3Com OfficeConnect ADSL Wireless 11g Firewall Router by sending a malformed HTTP request with an excessively long Content-Type header. The exploit triggers a crash in the router's HTTP service, rendering it unresponsive.

Classification

Working Poc 95%

Attack Type

Dos

Complexity

Trivial

Reliability

Reliable

Target: 3Com OfficeConnect ADSL Wireless 11g Firewall Router 3CRWDR100A-72 and 3CRWDR100Y-72 (Software Version 2.06T13)

No auth needed

Prerequisites: Network access to the target router · Router's HTTP service accessible on port 80

MITRE ATT&CK

T1499 - Endpoint Denial of Service

devstral-2 · analyzed Feb 16, 2026 Full analysis →

Details

Status pre_cve

Tracked Since Feb 18, 2026