EIP-2026-101863

PRE-CVE

Netgear DGN2200 N300 Wireless Router - Multiple Vulnerabilities

Title source: legacy

Exploitation Summary

EIP tracks 1 public exploit for EIP-2026-101863. PoCs published by Andrew Horton.

AI-analyzed exploit summary The exploit demonstrates multiple vulnerabilities in NETGEAR DGN2200, including command injection via ping and DNS lookup functions, CSRF in UPnP, and other misconfigurations. It provides functional PoC code for achieving remote command execution and firewall manipulation.

Description

Netgear DGN2200 N300 Wireless Router - Multiple Vulnerabilities

Exploits (1)

exploitdb WORKING POC

by Andrew Horton · textwebappshardware

https://www.exploit-db.com/exploits/31617

View Code ZIP pw:eip

The exploit demonstrates multiple vulnerabilities in NETGEAR DGN2200, including command injection via ping and DNS lookup functions, CSRF in UPnP, and other misconfigurations. It provides functional PoC code for achieving remote command execution and firewall manipulation.

Classification

Working Poc 100%

Attack Type

Rce | Auth Bypass | Info Leak

Complexity

Moderate

Reliability

Reliable

Target: NETGEAR N300 Wireless ADSL2+ Modem Router DGN2200 (Firmware V1.0.0.36-7.0.37)

Auth required

Prerequisites: Authenticated access to the web interface for command injection · Victim interaction for CSRF-based UPnP exploitation

MITRE ATT&CK

T1189 - Drive-by Compromise T1059 - Command and Scripting Interpreter T1190 - Exploit Public-Facing Application

devstral-2 · analyzed Feb 16, 2026 Full analysis →

Details

Status pre_cve

Tracked Since Feb 18, 2026