EIP-2026-101897

PRE-CVE

NPM-V (Network Power Manager) 2.4.1 - Password Reset

Title source: legacy

Exploitation Summary

EIP tracks 1 public exploit for EIP-2026-101897. PoCs published by Saeed reza Zamanian.

AI-analyzed exploit summary This is a writeup describing an authentication bypass vulnerability in NPM-V (Network Power Manager) versions <= 2.4.1. The vulnerability allows unauthenticated access to management console pages, including user addition and password changes.

Description

NPM-V (Network Power Manager) 2.4.1 - Password Reset

Exploits (1)

exploitdb WRITEUP

by Saeed reza Zamanian · textwebappshardware

https://www.exploit-db.com/exploits/42933

View Code ZIP pw:eip

This is a writeup describing an authentication bypass vulnerability in NPM-V (Network Power Manager) versions <= 2.4.1. The vulnerability allows unauthenticated access to management console pages, including user addition and password changes.

Classification

Writeup 90%

Attack Type

Auth Bypass

Complexity

Trivial

Reliability

Reliable

Target: NPM-V (Network Power Manager) <= 2.4.1

No auth needed

Prerequisites: network access to the device

MITRE ATT&CK

T1189 - Drive-by Compromise

devstral-2 · analyzed Feb 16, 2026 Full analysis →

Details

Status pre_cve

Tracked Since Feb 18, 2026