EIP-2026-101838

Exploitation Summary

EIP tracks 1 public exploit for EIP-2026-101838. PoCs published by b0telh0.

AI-analyzed exploit summary This exploit demonstrates a stored cross-site scripting (XSS) vulnerability in Longshine print servers (LCS-PS110, LCS-PS101-A, LCS-PS112) due to improper sanitization of the 'NDSContext' field in the NetWare NDS Settings area. The PoC provides a URL to inject arbitrary JavaScript code, which executes when accessing the NETWARE.HTM page.

Description

Longshine Multiple Print Servers - Cross-Site Scripting

Exploits (1)

exploitdb WORKING POC

by b0telh0 · textwebappshardware

https://www.exploit-db.com/exploits/17116

View Code ZIP pw:eip

This exploit demonstrates a stored cross-site scripting (XSS) vulnerability in Longshine print servers (LCS-PS110, LCS-PS101-A, LCS-PS112) due to improper sanitization of the 'NDSContext' field in the NetWare NDS Settings area. The PoC provides a URL to inject arbitrary JavaScript code, which executes when accessing the NETWARE.HTM page.

Classification

Working Poc 90%

Attack Type

Xss

Complexity

Trivial

Reliability

Reliable

Target: Longshine LCS-PS110, LCS-PS101-A, LCS-PS112 Print Servers (Firmware versions: 9.08.47L 0015, 8.02.30L, 6.02.35L, 6.03.39L 0007, 6.03.39L 0004)

No auth needed

Prerequisites: Network access to the vulnerable print server · Victim must access the NETWARE.HTM page after injection

MITRE ATT&CK

T1059.007 - JavaScript

devstral-2 · analyzed Feb 16, 2026 Full analysis →

Longshine Multiple Print Servers - Cross-Site Scripting

Exploitation Summary

Description

Exploits (1)

Details