EIP-2026-101969

PRE-CVE

Sagemcom F@ST 3864 V2 - Get Admin Password

Title source: legacy

Exploitation Summary

EIP tracks 1 public exploit for EIP-2026-101969. PoCs published by Cade Bull.

AI-analyzed exploit summary This script exploits an authentication bypass vulnerability in Sagemcom F@ST 3864 V2 modems by fetching the admin password in clear text from the password.html page without requiring credentials. It uses wget to retrieve the page and extracts the password via grep and tr commands.

Description

Sagemcom F@ST 3864 V2 - Get Admin Password

Exploits (1)

exploitdb WORKING POC

by Cade Bull · bashwebappshardware

https://www.exploit-db.com/exploits/37801

View Code ZIP pw:eip

This script exploits an authentication bypass vulnerability in Sagemcom F@ST 3864 V2 modems by fetching the admin password in clear text from the password.html page without requiring credentials. It uses wget to retrieve the page and extracts the password via grep and tr commands.

Classification

Working Poc 90%

Attack Type

Info Leak

Complexity

Trivial

Reliability

Reliable

Target: Sagemcom F@ST 3864 V2 (Firmware Version: 7.253.2_F3864V2_Optus)

No auth needed

Prerequisites: Network access to the target modem · Modem's IP address

MITRE ATT&CK

T1552 - Unsecured Credentials

devstral-2 · analyzed Feb 16, 2026 Full analysis →

Details

Status pre_cve

Tracked Since Feb 18, 2026