EIP-2026-101888

PRE-CVE

netis RealTek Wireless Router / ADSL Modem - Multiple Vulnerabilities

Title source: legacy

Exploitation Summary

EIP tracks 1 public exploit for EIP-2026-101888. PoCs published by Karn Ganeshen.

AI-analyzed exploit summary This document details multiple vulnerabilities in netis RealTek wireless routers, including default credentials, backdoor accounts, CSRF, weak RBAC, and sensitive information exposure. It provides technical descriptions and HTTP request examples for exploitation.

Description

netis RealTek Wireless Router / ADSL Modem - Multiple Vulnerabilities

Exploits (1)

exploitdb WRITEUP

by Karn Ganeshen · textwebappshardware

https://www.exploit-db.com/exploits/38470

View Code ZIP pw:eip

This document details multiple vulnerabilities in netis RealTek wireless routers, including default credentials, backdoor accounts, CSRF, weak RBAC, and sensitive information exposure. It provides technical descriptions and HTTP request examples for exploitation.

Classification

Writeup 90%

Attack Type

Auth Bypass | Info Leak

Complexity

Trivial

Reliability

Reliable

Target: netis RealTek wireless router / ADSL modem (Firmware version RTK v2.1.1)

No auth needed

Prerequisites: network access to the device · knowledge of default credentials or backdoor accounts

MITRE ATT&CK

T1110 - Brute Force T1078 - Valid Accounts T1189 - Drive-by Compromise

devstral-2 · analyzed Feb 16, 2026 Full analysis →

Details

Status pre_cve

Tracked Since Feb 18, 2026