EIP-2026-101367

PRE-CVE

MODACOM URoad-5000 1450 - Remote Command Execution / Backdoor Access

Title source: legacy

Exploitation Summary

EIP tracks 1 public exploit for EIP-2026-101367. PoCs published by Alex Stanev.

AI-analyzed exploit summary This exploit leverages a backdoor account (engineer:engineer) in URoad-5000 v1450 to execute arbitrary commands via the /goform/SystemCommand endpoint, allowing remote command execution (RCE) and the addition of a privileged user.

Description

MODACOM URoad-5000 1450 - Remote Command Execution / Backdoor Access

Exploits (1)

exploitdb WORKING POC VERIFIED

by Alex Stanev · textremotehardware

https://www.exploit-db.com/exploits/17356

View Code ZIP pw:eip

This exploit leverages a backdoor account (engineer:engineer) in URoad-5000 v1450 to execute arbitrary commands via the /goform/SystemCommand endpoint, allowing remote command execution (RCE) and the addition of a privileged user.

Classification

Working Poc 100%

Attack Type

Rce

Complexity

Trivial

Reliability

Reliable

Target: URoad-5000 v1450

Auth required

Prerequisites: Network access to the device · Default or backdoor credentials (engineer:engineer)

MITRE ATT&CK

T1078 - Valid Accounts T1059 - Command and Scripting Interpreter

devstral-2 · analyzed Feb 16, 2026 Full analysis →

Details

Status pre_cve

Tracked Since Feb 18, 2026