EIP-2026-101115

PRE-CVE

ZHONE < S3.0.501 - Multiple Remote Code Execution Vulnerabilities

Title source: legacy

Exploitation Summary

EIP tracks 1 public exploit for EIP-2026-101115. PoCs published by Lyon Yang.

AI-analyzed exploit summary This advisory details two stack-based buffer overflow vulnerabilities in Zhone GPON devices, exploitable via HTTP GET or POST requests with oversized filenames. The writeup includes technical details on the attack vectors and affected versions.

Description

ZHONE < S3.0.501 - Multiple Remote Code Execution Vulnerabilities

Exploits (1)

exploitdb WRITEUP

by Lyon Yang · textdoshardware

https://www.exploit-db.com/exploits/38475

View Code ZIP pw:eip

This advisory details two stack-based buffer overflow vulnerabilities in Zhone GPON devices, exploitable via HTTP GET or POST requests with oversized filenames. The writeup includes technical details on the attack vectors and affected versions.

Classification

Writeup 90%

Attack Type

Rce

Complexity

Moderate

Reliability

Reliable

Target: Zhone ZNID GPON 2426A (and related models) < S3.0.501

Auth required

Prerequisites: Network access to the device · Valid credentials for authentication

MITRE ATT&CK

T1190 - Exploit Public-Facing Application T1210 - Exploitation of Remote Services

devstral-2 · analyzed Feb 18, 2026 Full analysis →

Details

Status pre_cve

Tracked Since Feb 18, 2026