EIP-2026-101832

Exploitation Summary

EIP tracks 1 public exploit for EIP-2026-101832. PoCs published by Xiphos Research Ltd.

AI-analyzed exploit summary This exploit leverages an unauthenticated command injection vulnerability in LifeSize Room 5.0.9 via the LsSystemRestore.sh script to disclose admin credentials, then uses those credentials to execute arbitrary commands via the doPrefCommand method in the LSRoom_Remoting endpoint. Local privilege escalation to root is achieved by exploiting a PATH-based setuid binary (tcpdump_manager).

Description

LifeSize Room 5.0.9 - Multiple Vulnerabilities

Exploits (1)

exploitdb WORKING POC

by Xiphos Research Ltd · textwebappshardware

https://www.exploit-db.com/exploits/40690

View Code ZIP pw:eip

This exploit leverages an unauthenticated command injection vulnerability in LifeSize Room 5.0.9 via the LsSystemRestore.sh script to disclose admin credentials, then uses those credentials to execute arbitrary commands via the doPrefCommand method in the LSRoom_Remoting endpoint. Local privilege escalation to root is achieved by exploiting a PATH-based setuid binary (tcpdump_manager).

Classification

Working Poc 95%

Attack Type

Rce | Lpe | Info Leak

Complexity

Moderate

Reliability

Reliable

Target: LifeSize Room 5.0.9

No auth needed

Prerequisites: Port 443 accessible on the target device · Network connectivity to the target

MITRE ATT&CK

T1059 - Command and Scripting Interpreter T1068 - Exploitation for Privilege Escalation T1003 - OS Credential Dumping

devstral-2 · analyzed Feb 16, 2026 Full analysis →

LifeSize Room 5.0.9 - Multiple Vulnerabilities

Exploitation Summary

Description

Exploits (1)

Details