EIP-2026-102026

PRE-CVE

SOYAL Biometric Access Control System 5.0 - Master Code Disclosure

Title source: legacy

Exploitation Summary

EIP tracks 1 public exploit for EIP-2026-102026. PoCs published by LiquidWorm.

AI-analyzed exploit summary This exploit demonstrates an information leakage vulnerability in SOYAL Biometric Access Control System 5.0, where sensitive codes (Master Code and Arming Code) are transmitted in cleartext via HTTP. An attacker can intercept these codes via a man-in-the-middle attack to bypass physical security controls.

Description

SOYAL Biometric Access Control System 5.0 - Master Code Disclosure

Exploits (1)

exploitdb WORKING POC

by LiquidWorm · textwebappshardware

https://www.exploit-db.com/exploits/49676

View Code ZIP pw:eip

This exploit demonstrates an information leakage vulnerability in SOYAL Biometric Access Control System 5.0, where sensitive codes (Master Code and Arming Code) are transmitted in cleartext via HTTP. An attacker can intercept these codes via a man-in-the-middle attack to bypass physical security controls.

Classification

Working Poc 100%

Attack Type

Info Leak

Complexity

Trivial

Reliability

Reliable

Target: SOYAL Biometric Access Control System 5.0 and related firmware versions

Auth required

Prerequisites: Network access to the target device · Basic authentication credentials

MITRE ATT&CK

T1040 - Network Sniffing T1190 - Exploit Public-Facing Application

devstral-2 · analyzed Feb 16, 2026 Full analysis →

Details

Status pre_cve

Tracked Since Feb 18, 2026