EIP-2026-101121
PRE-CVEDraytek Vigor 3900 1.06 - Local Privilege Escalation
Title source: legacyExploitation Summary
EIP tracks 1 public exploit for EIP-2026-101121. PoCs published by Mohammad abou hayt.
AI-analyzed exploit summary This writeup details a privilege escalation vulnerability in DrayTek Vigor 3900 firmware 1.06, where any user can gain root shell access via the 'sh draytekv3900' command due to improper BusyBox shell restrictions. The author demonstrates the issue by logging in as a limited user and executing the command to obtain a root shell.
Description
Draytek Vigor 3900 1.06 - Local Privilege Escalation
Exploits (1)
This writeup details a privilege escalation vulnerability in DrayTek Vigor 3900 firmware 1.06, where any user can gain root shell access via the 'sh draytekv3900' command due to improper BusyBox shell restrictions. The author demonstrates the issue by logging in as a limited user and executing the command to obtain a root shell.