EIP-2026-101686
PRE-CVEECOA Building Automation System - Weak Default Credentials
Title source: legacyExploitation Summary
EIP tracks 1 public exploit for EIP-2026-101686. PoCs published by Neurogenesia.
AI-analyzed exploit summary This is a vulnerability writeup detailing weak default credentials in ECOA Building Automation System products. It lists multiple default credentials that can be used to authenticate and gain unauthorized access.
Description
ECOA Building Automation System - Weak Default Credentials
Exploits (1)
exploitdb
WRITEUP
by Neurogenesia · textwebappshardware
https://www.exploit-db.com/exploits/50275
This is a vulnerability writeup detailing weak default credentials in ECOA Building Automation System products. It lists multiple default credentials that can be used to authenticate and gain unauthorized access.
Classification
Writeup 100%
Attack Type
Auth Bypass
Complexity
Trivial
Reliability
Reliable
Target:
ECOA Building Automation System (various versions including ECS Router Controller, RiskBuster Terminator, etc.)
No auth needed
Prerequisites:
network access to the target system
MITRE ATT&CK
devstral-2 · analyzed Feb 16, 2026
Full analysis →
Details
Status
pre_cve
Tracked Since
Feb 18, 2026