EIP-2026-101386

PRE-CVE

Netwave IP Camera - Password Disclosure

Title source: legacy

Exploitation Summary

EIP tracks 1 public exploit for EIP-2026-101386. PoCs published by spiritnull.

AI-analyzed exploit summary This exploit targets a memory leak vulnerability in Netwave IP Camera devices, allowing unauthorized access to sensitive information such as WiFi credentials and system data. It leverages path traversal to read files like /etc/RT2870STA.dat and /proc/kcore, then parses the output for credentials.

Description

Netwave IP Camera - Password Disclosure

Exploits (1)

exploitdb WORKING POC

by spiritnull · pythonremotehardware

https://www.exploit-db.com/exploits/41236

View Code ZIP pw:eip

This exploit targets a memory leak vulnerability in Netwave IP Camera devices, allowing unauthorized access to sensitive information such as WiFi credentials and system data. It leverages path traversal to read files like /etc/RT2870STA.dat and /proc/kcore, then parses the output for credentials.

Classification

Working Poc 90%

Attack Type

Info Leak

Complexity

Moderate

Reliability

Reliable

Target: Netwave IP Camera (unknown version)

No auth needed

Prerequisites: Network access to the vulnerable device · Device must be running a vulnerable version of Netwave IP Camera firmware

MITRE ATT&CK

T1005 - Data from Local System T1190 - Exploit Public-Facing Application

devstral-2 · analyzed Feb 16, 2026 Full analysis →

Details

Status pre_cve

Tracked Since Feb 18, 2026