Exploitation Summary
EIP tracks 1 public exploit for EIP-2026-101831. PoCs published by pws.
AI-analyzed exploit summary This writeup details multiple vulnerabilities in Lian Li NAS devices, including hardcoded cookie authentication bypass, backdoored accounts, and privilege escalation via Telnet. It also lists accessible CGI endpoints and potential CSRF attack vectors.
Description
Lian Li NAS - Multiple Vulnerabilities
Exploits (1)
exploitdb
WRITEUP
by pws · textwebappshardware
https://www.exploit-db.com/exploits/34163
This writeup details multiple vulnerabilities in Lian Li NAS devices, including hardcoded cookie authentication bypass, backdoored accounts, and privilege escalation via Telnet. It also lists accessible CGI endpoints and potential CSRF attack vectors.
Classification
Writeup 90%
Attack Type
Auth Bypass | Info Leak
Complexity
Trivial
Reliability
Reliable
Target:
Lian Li NAS (firmware G5S604121826700)
No auth needed
Prerequisites:
Network access to the NAS device · Ability to set cookies in the browser
MITRE ATT&CK
mistral-large-3 · analyzed Feb 16, 2026
Full analysis →
Details
Status
pre_cve
Tracked Since
Feb 18, 2026