EIP-2026-101446

PRE-CVE

Shuttle Tech ADSL Wireless 920 WM - Multiple Vulnerabilities

Title source: legacy

Exploitation Summary

EIP tracks 1 public exploit for EIP-2026-101446. PoCs published by Persian Hack Team.

AI-analyzed exploit summary The exploit demonstrates multiple vulnerabilities in Shuttle Tech ADSL Wireless 920 WM, including XSS, default credentials, and directory traversal. It provides functional PoC URLs and commands to exploit these issues.

Description

Shuttle Tech ADSL Wireless 920 WM - Multiple Vulnerabilities

Exploits (1)

exploitdb WORKING POC

by Persian Hack Team · textremotehardware

https://www.exploit-db.com/exploits/40867

View Code ZIP pw:eip

The exploit demonstrates multiple vulnerabilities in Shuttle Tech ADSL Wireless 920 WM, including XSS, default credentials, and directory traversal. It provides functional PoC URLs and commands to exploit these issues.

Classification

Working Poc 90%

Attack Type

Xss | Info Leak | Auth Bypass

Complexity

Trivial

Reliability

Reliable

Target: Shuttle Tech ADSL Wireless 920 WM (Gan9.8U6X-B-TW-R1B020_1T1RP)

Auth required

Prerequisites: Access to the target device's web interface · Valid login credentials for XSS and directory traversal

MITRE ATT&CK

T1059.007 - JavaScript T1078 - Valid Accounts T1006 - Direct Volume Access

devstral-2 · analyzed Feb 18, 2026 Full analysis →

Details

Status pre_cve

Tracked Since Feb 18, 2026