EIP-2026-101810

PRE-CVE

Intellinet IP Camera MNC-L10 - Authentication Bypass

Title source: legacy

Exploitation Summary

EIP tracks 1 public exploit for EIP-2026-101810. PoCs published by Magnefikko.

AI-analyzed exploit summary This exploit bypasses authentication by manipulating the 'user_auth_level' cookie via JavaScript injection, granting admin access to Intellinet IP Camera interfaces. The attack is executed by setting the cookie value to '43' and refreshing the page.

Description

Intellinet IP Camera MNC-L10 - Authentication Bypass

Exploits (1)

exploitdb WORKING POC VERIFIED

by Magnefikko · textwebappshardware

https://www.exploit-db.com/exploits/14521

View Code ZIP pw:eip

This exploit bypasses authentication by manipulating the 'user_auth_level' cookie via JavaScript injection, granting admin access to Intellinet IP Camera interfaces. The attack is executed by setting the cookie value to '43' and refreshing the page.

Classification

Working Poc 90%

Attack Type

Auth Bypass

Complexity

Trivial

Reliability

Reliable

Target: Intellinet IP Camera MNC-L10 and other models

No auth needed

Prerequisites: Access to the camera's web interface · JavaScript enabled in the browser

MITRE ATT&CK

T1189 - Drive-by Compromise T1552.001 - Credentials In Files

devstral-2 · analyzed Feb 16, 2026 Full analysis →

Details

Status pre_cve

Tracked Since Feb 18, 2026