EIP-2026-101967

PRE-CVE

Sagem FAST3304-V2 - Authentication Bypass (2)

Title source: legacy
STIX 2.1

Exploitation Summary

EIP tracks 1 public exploit for EIP-2026-101967. PoCs published by Soufiane Alami Hassani.

AI-analyzed exploit summary This exploit demonstrates an authentication bypass vulnerability in Sagem FAST3304-V2 routers by injecting JavaScript to redirect users to a password change page without proper authentication. The PoC leverages a client-side JavaScript injection to manipulate the router's interface.

Description

Sagem FAST3304-V2 - Authentication Bypass (2)

Exploits (1)

exploitdb WORKING POC
by Soufiane Alami Hassani · textwebappshardware
https://www.exploit-db.com/exploits/38553

This exploit demonstrates an authentication bypass vulnerability in Sagem FAST3304-V2 routers by injecting JavaScript to redirect users to a password change page without proper authentication. The PoC leverages a client-side JavaScript injection to manipulate the router's interface.

Classification
Working Poc 90%
Attack Type
Auth Bypass
Complexity
Trivial
Reliability
Reliable
Target: Sagem FAST3304-V2
No auth needed
Prerequisites: Access to the router's web interface
MITRE ATT&CK
devstral-2 · analyzed Feb 18, 2026 Full analysis →

Details

Status pre_cve
Tracked Since Feb 18, 2026