EIP-2026-101169

PRE-CVE

AXIS 70U - Network Document Server Privilege Escalation / Cross-Site Scripting

Title source: legacy

Exploitation Summary

EIP tracks 1 public exploit for EIP-2026-101169. PoCs published by DSecRG.

AI-analyzed exploit summary The advisory details a Local File Include (LFI) vulnerability leading to privilege escalation and multiple XSS vulnerabilities in the AXIS 70U Network Document Server web interface. It includes technical descriptions and example URLs demonstrating the vulnerabilities.

Description

AXIS 70U - Network Document Server Privilege Escalation / Cross-Site Scripting

Exploits (1)

exploitdb WRITEUP VERIFIED

by DSecRG · textremotehardware

https://www.exploit-db.com/exploits/7845

View Code ZIP pw:eip

The advisory details a Local File Include (LFI) vulnerability leading to privilege escalation and multiple XSS vulnerabilities in the AXIS 70U Network Document Server web interface. It includes technical descriptions and example URLs demonstrating the vulnerabilities.

Classification

Writeup 90%

Attack Type

Xss | Auth Bypass

Complexity

Trivial

Reliability

Reliable

Target: AXIS 70U Network Document Server (Web Interface) version 3.0

No auth needed

Prerequisites: Access to the web interface of the AXIS 70U device

MITRE ATT&CK

T1059.007 - JavaScript T1068 - Exploitation for Privilege Escalation

devstral-2 · analyzed Feb 18, 2026 Full analysis →

Details

Status pre_cve

Tracked Since Feb 18, 2026