EIP-2026-101587

PRE-CVE

Cisco DPC2420 - Multiples Vulnerabilities

Title source: legacy
STIX 2.1

Exploitation Summary

EIP tracks 1 public exploit for EIP-2026-101587. PoCs published by Facundo M. de la Cruz.

AI-analyzed exploit summary This document details multiple vulnerabilities in the Cisco DPC2420 cable modem router, including configuration file disclosure, persistent XSS, and weak authentication mechanisms. It provides technical details and proof-of-concept steps for each vulnerability.

Description

Cisco DPC2420 - Multiples Vulnerabilities

Exploits (1)

exploitdb WRITEUP
by Facundo M. de la Cruz · textwebappshardware
https://www.exploit-db.com/exploits/23250

This document details multiple vulnerabilities in the Cisco DPC2420 cable modem router, including configuration file disclosure, persistent XSS, and weak authentication mechanisms. It provides technical details and proof-of-concept steps for each vulnerability.

Classification
Writeup 90%
Attack Type
Info Leak | Xss | Auth Bypass
Complexity
Trivial
Reliability
Reliable
Target: Cisco DPC2420 with firmware D2425-P10-13-v202r12811-110511as-TRO
No auth needed
Prerequisites: Network access to the device · Port 8080 accessible for configuration file disclosure
mistral-large-3 · analyzed Feb 18, 2026 Full analysis →

Details

Status pre_cve
Tracked Since Feb 18, 2026