EIP-2026-101431

PRE-CVE

Samsung Smart Home Camera SNH-P-6410 - Command Injection

Title source: legacy

Exploitation Summary

EIP tracks 1 public exploit for EIP-2026-101431. PoCs published by PentestPartners.

AI-analyzed exploit summary This exploit leverages command injection in Samsung Smart Camera's debug CGI interface to change the web interface password and root password. It uses HTTP digest authentication and sed to modify the /etc/shadow file.

Description

Samsung Smart Home Camera SNH-P-6410 - Command Injection

Exploits (1)

exploitdb WORKING POC

by PentestPartners · pythonremotehardware

https://www.exploit-db.com/exploits/40235

View Code ZIP pw:eip

This exploit leverages command injection in Samsung Smart Camera's debug CGI interface to change the web interface password and root password. It uses HTTP digest authentication and sed to modify the /etc/shadow file.

Classification

Working Poc 95%

Attack Type

Rce

Complexity

Moderate

Reliability

Reliable

Target: Samsung Smart Camera (iPolis)

Auth required

Prerequisites: Network access to the camera · Knowledge of the camera's IP address

MITRE ATT&CK

T1190 - Exploit Public-Facing Application T1068 - Exploitation for Privilege Escalation

devstral-2 · analyzed Feb 16, 2026 Full analysis →

Details

Status pre_cve

Tracked Since Feb 18, 2026