EIP-2026-101203

PRE-CVE

Cisco small business RV130W 1.0.3.44 - Inject Counterfeit Routers

Title source: legacy

Exploitation Summary

EIP tracks 1 public exploit for EIP-2026-101203. PoCs published by Michael Alamoot.

AI-analyzed exploit summary This exploit injects counterfeit router advertisements via VRRPv3 and EIGRP packets to manipulate routing tables on Cisco RV130W routers. It crafts and sends spoofed packets to redirect traffic through an attacker-controlled IP.

Description

Cisco small business RV130W 1.0.3.44 - Inject Counterfeit Routers

Exploits (1)

exploitdb WORKING POC

by Michael Alamoot · pythonremotehardware

https://www.exploit-db.com/exploits/50335

View Code ZIP pw:eip

This exploit injects counterfeit router advertisements via VRRPv3 and EIGRP packets to manipulate routing tables on Cisco RV130W routers. It crafts and sends spoofed packets to redirect traffic through an attacker-controlled IP.

Classification

Working Poc 90%

Attack Type

Other

Complexity

Moderate

Reliability

Reliable

Target: Cisco RV130W 1.0.3.44

No auth needed

Prerequisites: Network access to the target router · Ability to send spoofed VRRPv3 and EIGRP packets

MITRE ATT&CK

T1557 - Adversary-in-the-Middle T1557.002 - ARP Cache Poisoning

devstral-2 · analyzed Feb 16, 2026 Full analysis →

Details

Status pre_cve

Tracked Since Feb 18, 2026