EIP-2026-101831

PRE-CVE

Lian Li NAS - Multiple Vulnerabilities

Title source: legacy
STIX 2.1

Exploitation Summary

EIP tracks 1 public exploit for EIP-2026-101831. PoCs published by pws.

AI-analyzed exploit summary This writeup details multiple vulnerabilities in Lian Li NAS devices, including hardcoded cookie authentication bypass, backdoored accounts, and privilege escalation via Telnet. It also lists accessible CGI endpoints and potential CSRF attack vectors.

Description

Lian Li NAS - Multiple Vulnerabilities

Exploits (1)

exploitdb WRITEUP
by pws · textwebappshardware
https://www.exploit-db.com/exploits/34163

This writeup details multiple vulnerabilities in Lian Li NAS devices, including hardcoded cookie authentication bypass, backdoored accounts, and privilege escalation via Telnet. It also lists accessible CGI endpoints and potential CSRF attack vectors.

Classification
Writeup 90%
Attack Type
Auth Bypass | Info Leak
Complexity
Trivial
Reliability
Reliable
Target: Lian Li NAS (firmware G5S604121826700)
No auth needed
Prerequisites: Network access to the NAS device · Ability to set cookies in the browser
mistral-large-3 · analyzed Feb 16, 2026 Full analysis →

Details

Status pre_cve
Tracked Since Feb 18, 2026