EIP-2026-101748

PRE-CVE

Friendly-Tech FriendlyTR69 CPE Remote Management 2.8.9 - SQL Injection

Title source: legacy

Exploitation Summary

EIP tracks 1 public exploit for EIP-2026-101748. PoCs published by Yaniv Miron.

AI-analyzed exploit summary This advisory describes a SQL injection vulnerability in Friendly-Tech FriendlyTR69 CPE Remote Management V2.8.9, allowing authentication bypass via crafted login credentials. The exploit details are minimal, focusing on the vulnerability's existence rather than providing executable code.

Description

Friendly-Tech FriendlyTR69 CPE Remote Management 2.8.9 - SQL Injection

Exploits (1)

exploitdb WRITEUP

by Yaniv Miron · textwebappshardware

https://www.exploit-db.com/exploits/11677

View Code ZIP pw:eip

This advisory describes a SQL injection vulnerability in Friendly-Tech FriendlyTR69 CPE Remote Management V2.8.9, allowing authentication bypass via crafted login credentials. The exploit details are minimal, focusing on the vulnerability's existence rather than providing executable code.

Classification

Writeup 90%

Attack Type

Sqli

Complexity

Trivial

Reliability

Reliable

Target: Friendly-Tech FriendlyTR69 CPE Remote Management V2.8.9

No auth needed

Prerequisites: Network access to the target application

MITRE ATT&CK

T1189 - Drive-by Compromise

devstral-2 · analyzed Feb 16, 2026 Full analysis →

Details

Status pre_cve

Tracked Since Feb 18, 2026