EIP-2026-101467

PRE-CVE

TELSAT marKoni FM Transmitter 1.9.5 - Root Command Injection

Title source: legacy

Exploitation Summary

EIP tracks 1 public exploit for EIP-2026-101467. PoCs published by LiquidWorm.

AI-analyzed exploit summary This exploit targets a command injection vulnerability in TELSAT marKoni FM Transmitter firmware versions up to 1.9.5. It leverages unauthenticated remote code execution via the 'wget' module in the Email settings' WAN IP info service, allowing an attacker to execute arbitrary commands with root privileges.

Description

TELSAT marKoni FM Transmitter 1.9.5 - Root Command Injection

Exploits (1)

exploitdb WORKING POC

by LiquidWorm · pythonremotehardware

https://www.exploit-db.com/exploits/51906

View Code ZIP pw:eip

This exploit targets a command injection vulnerability in TELSAT marKoni FM Transmitter firmware versions up to 1.9.5. It leverages unauthenticated remote code execution via the 'wget' module in the Email settings' WAN IP info service, allowing an attacker to execute arbitrary commands with root privileges.

Classification

Working Poc 95%

Attack Type

Rce

Complexity

Moderate

Reliability

Reliable

Target: TELSAT marKoni FM Transmitter (Firmware: 1.9.5, 1.9.3, 1.5.9, 1.4.6, 1.3.9)

No auth needed

Prerequisites: Network access to the target device · Target device must have the vulnerable firmware version

MITRE ATT&CK

T1189 - Drive-by Compromise T1059 - Command and Scripting Interpreter T1068 - Exploitation for Privilege Escalation

devstral-2 · analyzed Feb 16, 2026 Full analysis →

Details

Status pre_cve

Tracked Since Feb 18, 2026