EIP-2026-101193

PRE-CVE

Cisco 7937G - DoS/Privilege Escalation

Title source: legacy

Exploitation Summary

EIP tracks 1 public exploit for EIP-2026-101193. PoCs published by Cody Martin.

AI-analyzed exploit summary This exploit targets Cisco 7937G IP phones running firmware <= SIP-1-4-5-7, offering DoS (with/without reset) and SSH credential manipulation via crafted HTTP requests to the device's web interface. The DoS attacks leverage malformed input to crash services, while the SSH attack changes credentials via parameter manipulation.

Description

Cisco 7937G - DoS/Privilege Escalation

Exploits (1)

exploitdb WORKING POC

by Cody Martin · pythonremotehardware

https://www.exploit-db.com/exploits/49057

View Code ZIP pw:eip

This exploit targets Cisco 7937G IP phones running firmware <= SIP-1-4-5-7, offering DoS (with/without reset) and SSH credential manipulation via crafted HTTP requests to the device's web interface. The DoS attacks leverage malformed input to crash services, while the SSH attack changes credentials via parameter manipulation.

Classification

Working Poc 95%

Attack Type

Dos | Auth Bypass

Complexity

Trivial

Reliability

Reliable

Target: Cisco 7937G IP Phone (SIP firmware <= 1-4-5-7)

No auth needed

Prerequisites: Network access to the target device · Web interface enabled on the phone · SSH enabled for credential change attack

MITRE ATT&CK

T1499 - Endpoint Denial of Service T1068 - Exploitation for Privilege Escalation

devstral-2 · analyzed Feb 18, 2026 Full analysis →

Details

Status pre_cve

Tracked Since Feb 18, 2026