EIP-2026-101874

PRE-CVE

Netgear WiFi Router R6120 - Credential Disclosure

Title source: legacy

Exploitation Summary

EIP tracks 1 public exploit for EIP-2026-101874. PoCs published by Wadeek.

AI-analyzed exploit summary This exploit discloses credentials and bypasses security questions on NETGEAR R6120 routers by manipulating POST requests to reveal the admin password. It also demonstrates authenticated telnet command execution.

Description

Netgear WiFi Router R6120 - Credential Disclosure

Exploits (1)

exploitdb WORKING POC

by Wadeek · textwebappshardware

https://www.exploit-db.com/exploits/45741

View Code ZIP pw:eip

This exploit discloses credentials and bypasses security questions on NETGEAR R6120 routers by manipulating POST requests to reveal the admin password. It also demonstrates authenticated telnet command execution.

Classification

Working Poc 90%

Attack Type

Info Leak | Auth Bypass

Complexity

Trivial

Reliability

Reliable

Target: NETGEAR R6120 Firmware 1.0.0.30

No auth needed

Prerequisites: Network access to the router · Knowledge of the router's serial number

MITRE ATT&CK

T1552 - Unsecured Credentials T1110 - Brute Force

devstral-2 · analyzed Feb 16, 2026 Full analysis →

Details

Status pre_cve

Tracked Since Feb 18, 2026