EIP-2026-101840

PRE-CVE

Macally WIFISD2-2A82 2.000.010 - Guest to Root Privilege Escalation

Title source: legacy

Exploitation Summary

EIP tracks 1 public exploit for EIP-2026-101840. PoCs published by Maximilian Barz.

AI-analyzed exploit summary This exploit demonstrates a privilege escalation vulnerability in Macally WIFISD2-2A82 firmware version 2.000.010, allowing a guest user to change the admin password and gain root access via Telnet. It leverages improper authentication checks in the web interface to escalate privileges.

Description

Macally WIFISD2-2A82 2.000.010 - Guest to Root Privilege Escalation

Exploits (1)

exploitdb WORKING POC

by Maximilian Barz · pythonwebappshardware

https://www.exploit-db.com/exploits/49256

View Code ZIP pw:eip

This exploit demonstrates a privilege escalation vulnerability in Macally WIFISD2-2A82 firmware version 2.000.010, allowing a guest user to change the admin password and gain root access via Telnet. It leverages improper authentication checks in the web interface to escalate privileges.

Classification

Working Poc 95%

Attack Type

Lpe

Complexity

Moderate

Reliability

Reliable

Target: Macally WIFISD2-2A82 firmware 2.000.010

Auth required

Prerequisites: Network access to the device · Guest credentials

MITRE ATT&CK

T1068 - Exploitation for Privilege Escalation T1110 - Brute Force

devstral-2 · analyzed Feb 18, 2026 Full analysis →

Details

Status pre_cve

Tracked Since Feb 18, 2026