EIP-2026-101588

PRE-CVE

Cisco Firepower Management Center < 6.6.7.1 - Authenticated RCE

Title source: legacy

Exploitation Summary

EIP tracks 1 public exploit for EIP-2026-101588. PoCs published by Abdualhadi khalifa.

AI-analyzed exploit summary This exploit demonstrates an authenticated command execution vulnerability in Cisco Firepower Management Center (FMC) by leveraging the API to execute arbitrary commands on vulnerable FTD devices. It checks for specific vulnerable versions and executes predefined commands via the operational/command endpoint.

Description

Cisco Firepower Management Center < 6.6.7.1 - Authenticated RCE

Exploits (1)

exploitdb WORKING POC

by Abdualhadi khalifa · pythonwebappshardware

https://www.exploit-db.com/exploits/51881

View Code ZIP pw:eip

This exploit demonstrates an authenticated command execution vulnerability in Cisco Firepower Management Center (FMC) by leveraging the API to execute arbitrary commands on vulnerable FTD devices. It checks for specific vulnerable versions and executes predefined commands via the operational/command endpoint.

Classification

Working Poc 90%

Attack Type

Rce

Complexity

Moderate

Reliability

Reliable

Target: Cisco Firepower Management Center (FMC) versions 6.2.3.18, 6.4.0.16, 6.6.7.1

Auth required

Prerequisites: Valid FMC credentials · Access to FMC web services interface · Vulnerable FTD device managed by FMC

MITRE ATT&CK

T1190 - Exploit Public-Facing Application T1059 - Command and Scripting Interpreter

devstral-2 · analyzed Feb 18, 2026 Full analysis →

Details

Status pre_cve

Tracked Since Feb 18, 2026