EIP-2026-101257

This Python script exploits a remote command injection vulnerability in Drobo 5N2 NAS devices (firmware 4.1.1 and lower) by leveraging unauthenticated access to the NASd service. It includes multiple payloads for actions like installing applications, resetting credentials, and spawning root shells via crafted XML commands.