EIP-2026-101876

PRE-CVE

Netgear Wireless Management System 2.1.4.15 (Build 1236) - Privilege Escalation

Title source: legacy
STIX 2.1

Exploitation Summary

EIP tracks 1 public exploit for EIP-2026-101876. PoCs published by Elliott Lewis.

AI-analyzed exploit summary The exploit demonstrates an authentication bypass and privilege escalation vulnerability in NETGEAR WMS5316 by injecting an '&' symbol in the password field during login, allowing unauthorized access and admin user creation. The PoC uses crafted HTTP requests to exploit the flaw.

Description

Netgear Wireless Management System 2.1.4.15 (Build 1236) - Privilege Escalation

Exploits (1)

exploitdb WORKING POC
by Elliott Lewis · textwebappshardware
https://www.exploit-db.com/exploits/38097

The exploit demonstrates an authentication bypass and privilege escalation vulnerability in NETGEAR WMS5316 by injecting an '&' symbol in the password field during login, allowing unauthorized access and admin user creation. The PoC uses crafted HTTP requests to exploit the flaw.

Classification
Working Poc 95%
Attack Type
Auth Bypass
Complexity
Trivial
Reliability
Reliable
Target: NETGEAR WMS5316 ProSafe 16AP Wireless Management System Firmware 2.1.4.15 (Build 1236)
No auth needed
Prerequisites: Network access to the target device · WMS5316 running vulnerable firmware
devstral-2 · analyzed Feb 18, 2026 Full analysis →

Details

Status pre_cve
Tracked Since Feb 18, 2026