EIP-2026-101348

PRE-CVE

Linksys WAP54Gv3 Wireless Router - 'debug.cgi' Cross-Site Scripting

Title source: legacy
STIX 2.1

Exploitation Summary

EIP tracks 1 public exploit for EIP-2026-101348. PoCs published by Cristofaro Mune.

AI-analyzed exploit summary The code describes a cross-site scripting (XSS) vulnerability in Linksys WAP54Gv3 Wireless Router firmware versions 3.05.03 (Europe) and 3.04.03 (US). It provides an example payload to exploit the vulnerability but does not include functional exploit code.

Description

Linksys WAP54Gv3 Wireless Router - 'debug.cgi' Cross-Site Scripting

Exploits (1)

exploitdb WRITEUP VERIFIED
by Cristofaro Mune · textremotehardware
https://www.exploit-db.com/exploits/34182

The code describes a cross-site scripting (XSS) vulnerability in Linksys WAP54Gv3 Wireless Router firmware versions 3.05.03 (Europe) and 3.04.03 (US). It provides an example payload to exploit the vulnerability but does not include functional exploit code.

Classification
Writeup 90%
Attack Type
Xss
Complexity
Trivial
Reliability
Theoretical
Target: Linksys WAP54Gv3 Wireless Router (3.05.03 Europe, 3.04.03 US)
No auth needed
Prerequisites: Victim interaction required to visit a malicious site
MITRE ATT&CK
devstral-2 · analyzed Feb 16, 2026 Full analysis →

Details

Status pre_cve
Tracked Since Feb 18, 2026