EIP-2026-101142

PRE-CVE

2WIRE Routers - 'CD35_SETUP_01' Access Validation

Title source: legacy

Exploitation Summary

EIP tracks 1 public exploit for EIP-2026-101142. PoCs published by hkm.

AI-analyzed exploit summary This exploit demonstrates an authentication bypass vulnerability in 2Wire routers, allowing unauthenticated attackers to change the administrative password via crafted URI requests. The issue affects firmware versions prior to 5.29.135.5.

Description

2WIRE Routers - 'CD35_SETUP_01' Access Validation

Exploits (1)

exploitdb WORKING POC VERIFIED

by hkm · textremotehardware

https://www.exploit-db.com/exploits/33165

View Code ZIP pw:eip

This exploit demonstrates an authentication bypass vulnerability in 2Wire routers, allowing unauthenticated attackers to change the administrative password via crafted URI requests. The issue affects firmware versions prior to 5.29.135.5.

Classification

Working Poc 90%

Attack Type

Auth Bypass

Complexity

Trivial

Reliability

Reliable

Target: 2Wire routers (firmware < 5.29.135.5)

No auth needed

Prerequisites: Network access to the router's web interface

MITRE ATT&CK

T1110.001 - Password Guessing T1068 - Exploitation for Privilege Escalation

devstral-2 · analyzed Feb 16, 2026 Full analysis →

Details

Status pre_cve

Tracked Since Feb 18, 2026