EIP-2026-101911

PRE-CVE

Pelco Sarix/Spectra Cameras - Cross-Site Request Forgery (Enable SSH Root Access)

Title source: legacy

Exploitation Summary

EIP tracks 1 public exploit for EIP-2026-101911. PoCs published by LiquidWorm.

AI-analyzed exploit summary This exploit demonstrates a CSRF vulnerability in Schneider Electric Pelco Sarix/Spectra cameras, allowing an attacker to enable SSH root access or add an admin user via crafted HTTP requests. The PoC includes HTML forms that submit malicious POST requests to the target device.

Description

Pelco Sarix/Spectra Cameras - Cross-Site Request Forgery (Enable SSH Root Access)

Exploits (1)

exploitdb WORKING POC

by LiquidWorm · textwebappshardware

https://www.exploit-db.com/exploits/42308

View Code ZIP pw:eip

This exploit demonstrates a CSRF vulnerability in Schneider Electric Pelco Sarix/Spectra cameras, allowing an attacker to enable SSH root access or add an admin user via crafted HTTP requests. The PoC includes HTML forms that submit malicious POST requests to the target device.

Classification

Working Poc 100%

Attack Type

Auth Bypass

Complexity

Trivial

Reliability

Reliable

Target: Schneider Electric Pelco Sarix/Spectra Cameras (Multiple Models and Firmware Versions)

No auth needed

Prerequisites: Victim must visit a malicious webpage while authenticated to the camera's interface

MITRE ATT&CK

T1189 - Drive-by Compromise T1059 - Command and Scripting Interpreter

devstral-2 · analyzed Feb 16, 2026 Full analysis →

Details

Status pre_cve

Tracked Since Feb 18, 2026