EIP-2026-101857

PRE-CVE

NetGear D1500 V1.0.0.21_1.0.1PE - 'Wireless Repeater' Stored Cross-Site Scripting (XSS)

Title source: legacy

Exploitation Summary

EIP tracks 1 public exploit for EIP-2026-101857. PoCs published by Securityium.

AI-analyzed exploit summary This is a technical writeup describing a stored XSS vulnerability in NetGear D1500 routers. The vulnerability occurs due to improper sanitization of SSID names in the Wireless Repeater function, allowing an attacker to execute arbitrary JavaScript in the context of the admin panel.

Description

NetGear D1500 V1.0.0.21_1.0.1PE - 'Wireless Repeater' Stored Cross-Site Scripting (XSS)

Exploits (1)

exploitdb WRITEUP

by Securityium · textwebappshardware

https://www.exploit-db.com/exploits/50201

View Code ZIP pw:eip

This is a technical writeup describing a stored XSS vulnerability in NetGear D1500 routers. The vulnerability occurs due to improper sanitization of SSID names in the Wireless Repeater function, allowing an attacker to execute arbitrary JavaScript in the context of the admin panel.

Classification

Writeup 90%

Attack Type

Xss

Complexity

Trivial

Reliability

Reliable

Target: NetGear D1500 V1.0.0.21_1.0.1PE

Auth required

Prerequisites: Admin access to the router's web interface · Presence of a malicious SSID in the vicinity

MITRE ATT&CK

T1189 - Drive-by Compromise

devstral-2 · analyzed Feb 18, 2026 Full analysis →

Details

Status pre_cve

Tracked Since Feb 18, 2026