EIP-2026-101194

PRE-CVE

Cisco 871 Integrated Services Router - Cross-Site Request Forgery (1)

Title source: legacy

Exploitation Summary

EIP tracks 1 public exploit for EIP-2026-101194. PoCs published by Jeremy Brown.

AI-analyzed exploit summary This is a CSRF exploit targeting Cisco 871 Integrated Services Router running IOS 12.4. It leverages a cross-site request forgery vulnerability to execute arbitrary commands (e.g., 'show privilege') via a crafted HTML form.

Description

Cisco 871 Integrated Services Router - Cross-Site Request Forgery (1)

Exploits (1)

exploitdb WORKING POC VERIFIED

by Jeremy Brown · htmlremotehardware

https://www.exploit-db.com/exploits/32390

View Code ZIP pw:eip

This is a CSRF exploit targeting Cisco 871 Integrated Services Router running IOS 12.4. It leverages a cross-site request forgery vulnerability to execute arbitrary commands (e.g., 'show privilege') via a crafted HTML form.

Classification

Working Poc 90%

Attack Type

Rce

Complexity

Trivial

Reliability

Reliable

Target: Cisco 871 Integrated Services Router (IOS 12.4)

No auth needed

Prerequisites: Victim must visit a malicious webpage · Target router must be accessible via HTTP · Victim must be authenticated to the router (if auth is required)

MITRE ATT&CK

T1189 - Drive-by Compromise T1203 - Exploitation for Client Execution

devstral-2 · analyzed Feb 16, 2026 Full analysis →

Details

Status pre_cve

Tracked Since Feb 18, 2026