EIP-2026-101731

PRE-CVE

FiberHome AN5506 - Remote DNS Change

Title source: legacy
STIX 2.1

Exploitation Summary

EIP tracks 1 public exploit for EIP-2026-101731. PoCs published by r0ots3c.

AI-analyzed exploit summary This exploit demonstrates an unauthenticated remote DNS change vulnerability in FIBERHOME AN5506 routers by sending a crafted HTTP request to the web interface. The PoC uses curl to modify DHCP settings, including DNS servers, without authentication.

Description

FiberHome AN5506 - Remote DNS Change

Exploits (1)

exploitdb WORKING POC
by r0ots3c · textwebappshardware
https://www.exploit-db.com/exploits/43961

This exploit demonstrates an unauthenticated remote DNS change vulnerability in FIBERHOME AN5506 routers by sending a crafted HTTP request to the web interface. The PoC uses curl to modify DHCP settings, including DNS servers, without authentication.

Classification
Working Poc 95%
Attack Type
Other
Complexity
Trivial
Reliability
Reliable
Target: FIBERHOME AN5506-04-F (RP2617)
No auth needed
Prerequisites: Network access to the target device · Curl or similar HTTP client
devstral-2 · analyzed Feb 18, 2026 Full analysis →

Details

Status pre_cve
Tracked Since Feb 18, 2026