EIP-2026-101604

PRE-CVE

Comtrend AR-5387un router - Persistent XSS (Authenticated)

Title source: legacy

Exploitation Summary

EIP tracks 1 public exploit for EIP-2026-101604. PoCs published by OscarAkaElvis.

AI-analyzed exploit summary This Python script automates the exploitation of a persistent XSS vulnerability (CVE-2018-8062) in Comtrend AR-5387un routers by bypassing CSRF protection and injecting a custom payload into the 'Service Description' field during WAN service creation.

Description

Comtrend AR-5387un router - Persistent XSS (Authenticated)

Exploits (1)

exploitdb WORKING POC

by OscarAkaElvis · pythonwebappshardware

https://www.exploit-db.com/exploits/48908

View Code ZIP pw:eip

This Python script automates the exploitation of a persistent XSS vulnerability (CVE-2018-8062) in Comtrend AR-5387un routers by bypassing CSRF protection and injecting a custom payload into the 'Service Description' field during WAN service creation.

Classification

Working Poc 95%

Attack Type

Xss

Complexity

Moderate

Reliability

Reliable

Target: Comtrend AR-5387un router (Firmware A731-410JAZ-C04_R02.A2pD035g.d23i)

Auth required

Prerequisites: Network access to the router · Valid admin credentials · Router with vulnerable firmware

MITRE ATT&CK

T1189 - Drive-by Compromise T1059.007 - JavaScript

devstral-2 · analyzed Feb 18, 2026 Full analysis →

Details

Status pre_cve

Tracked Since Feb 18, 2026