EIP-2026-101816

PRE-CVE

JVC HDRs / Net (Multiple Cameras) - Multiple Vulnerabilities

Title source: legacy

Exploitation Summary

EIP tracks 1 public exploit for EIP-2026-101816. PoCs published by Orwelllabs.

AI-analyzed exploit summary This advisory details multiple vulnerabilities in JVC products, including XSS, HTTP header injection, CSRF, and weak credentials. It provides technical details and PoC examples for each vulnerability.

Description

JVC HDRs / Net (Multiple Cameras) - Multiple Vulnerabilities

Exploits (1)

exploitdb WRITEUP

by Orwelllabs · textwebappshardware

https://www.exploit-db.com/exploits/39798

View Code ZIP pw:eip

This advisory details multiple vulnerabilities in JVC products, including XSS, HTTP header injection, CSRF, and weak credentials. It provides technical details and PoC examples for each vulnerability.

Classification

Writeup 95%

Attack Type

Xss | Auth Bypass | Info Leak

Complexity

Trivial

Reliability

Reliable

Target: JVC HDR VR-809/816, Network cameras VN-C*, VN-V*, VN-X* with firmwares 1.03 and 2.03

No auth needed

Prerequisites: Network access to the vulnerable device

MITRE ATT&CK

T1190 - Exploit Public-Facing Application T1059 - Command and Scripting Interpreter

devstral-2 · analyzed Feb 18, 2026 Full analysis →

Details

Status pre_cve

Tracked Since Feb 18, 2026