EIP-2026-101835

PRE-CVE

Linksys Routers - Cross-Site Request Forgery

Title source: legacy

Exploitation Summary

EIP tracks 1 public exploit for EIP-2026-101835. PoCs published by Martin Barbella.

AI-analyzed exploit summary This exploit demonstrates CSRF vulnerabilities in Linksys routers (WRT54G2, WRT54G, BEFSR41) by submitting crafted forms or image requests to change the admin password and enable remote management on port 31337. It leverages default credentials and browser behavior to execute unauthorized actions.

Description

Linksys Routers - Cross-Site Request Forgery

Exploits (1)

exploitdb WORKING POC

by Martin Barbella · textwebappshardware

https://www.exploit-db.com/exploits/15675

View Code ZIP pw:eip

This exploit demonstrates CSRF vulnerabilities in Linksys routers (WRT54G2, WRT54G, BEFSR41) by submitting crafted forms or image requests to change the admin password and enable remote management on port 31337. It leverages default credentials and browser behavior to execute unauthorized actions.

Classification

Working Poc 100%

Attack Type

Auth Bypass

Complexity

Trivial

Reliability

Reliable

Target: Linksys WRT54G2 (v1.5, firmware 1.50), WRT54G (v6, firmware 1.02.8), BEFSR41 (v3, firmware 1.06.01)

No auth needed

Prerequisites: Victim must be on the same network as the router · Router must use default credentials or weak password · Victim must visit a malicious webpage

MITRE ATT&CK

T1189 - Drive-by Compromise T1059 - Command and Scripting Interpreter

devstral-2 · analyzed Feb 16, 2026 Full analysis →

Details

Status pre_cve

Tracked Since Feb 18, 2026