EIP-2026-101196
PRE-CVECisco Application Control Engine (ACE) - HTTP Parsing Security
Title source: legacyExploitation Summary
EIP tracks 1 public exploit for EIP-2026-101196. PoCs published by Alexis Tremblay.
AI-analyzed exploit summary This exploit demonstrates a log obfuscation vulnerability in Cisco ACE by sending malformed HTTP requests with spaces in the protocol version field. This causes the server to fail logging the client IP address.
Description
Cisco Application Control Engine (ACE) - HTTP Parsing Security
Exploits (1)
exploitdb
WORKING POC
VERIFIED
by Alexis Tremblay · textremotehardware
https://www.exploit-db.com/exploits/33962
This exploit demonstrates a log obfuscation vulnerability in Cisco ACE by sending malformed HTTP requests with spaces in the protocol version field. This causes the server to fail logging the client IP address.
Classification
Working Poc 90%
Attack Type
Info Leak
Complexity
Trivial
Reliability
Reliable
Target:
Cisco Application Control Engine (ACE)
No auth needed
Prerequisites:
Network access to the target Cisco ACE device
MITRE ATT&CK
devstral-2 · analyzed Feb 16, 2026
Full analysis →
Details
Status
pre_cve
Tracked Since
Feb 18, 2026