EIP-2026-101348
PRE-CVELinksys WAP54Gv3 Wireless Router - 'debug.cgi' Cross-Site Scripting
Title source: legacyExploitation Summary
EIP tracks 1 public exploit for EIP-2026-101348. PoCs published by Cristofaro Mune.
AI-analyzed exploit summary The code describes a cross-site scripting (XSS) vulnerability in Linksys WAP54Gv3 Wireless Router firmware versions 3.05.03 (Europe) and 3.04.03 (US). It provides an example payload to exploit the vulnerability but does not include functional exploit code.
Description
Linksys WAP54Gv3 Wireless Router - 'debug.cgi' Cross-Site Scripting
Exploits (1)
exploitdb
WRITEUP
VERIFIED
by Cristofaro Mune · textremotehardware
https://www.exploit-db.com/exploits/34182
The code describes a cross-site scripting (XSS) vulnerability in Linksys WAP54Gv3 Wireless Router firmware versions 3.05.03 (Europe) and 3.04.03 (US). It provides an example payload to exploit the vulnerability but does not include functional exploit code.
Classification
Writeup 90%
Attack Type
Xss
Complexity
Trivial
Reliability
Theoretical
Target:
Linksys WAP54Gv3 Wireless Router (3.05.03 Europe, 3.04.03 US)
No auth needed
Prerequisites:
Victim interaction required to visit a malicious site
MITRE ATT&CK
devstral-2 · analyzed Feb 16, 2026
Full analysis →
Details
Status
pre_cve
Tracked Since
Feb 18, 2026