EIP-2026-102068

PRE-CVE

TP-Link TL-WR740N - Authenticated Directory Transversal

Title source: legacy

Exploitation Summary

EIP tracks 1 public exploit for EIP-2026-102068. PoCs published by Anish Feroz.

AI-analyzed exploit summary This exploit demonstrates an authenticated directory traversal vulnerability in TP-Link TL-WR740N routers, allowing an attacker to read sensitive files like /etc/shadow via crafted HTTP requests. The PoC includes a valid request-response pair showing successful retrieval of the shadow file.

Description

TP-Link TL-WR740N - Authenticated Directory Transversal

Exploits (1)

exploitdb WORKING POC

by Anish Feroz · textwebappshardware

https://www.exploit-db.com/exploits/51606

View Code ZIP pw:eip

This exploit demonstrates an authenticated directory traversal vulnerability in TP-Link TL-WR740N routers, allowing an attacker to read sensitive files like /etc/shadow via crafted HTTP requests. The PoC includes a valid request-response pair showing successful retrieval of the shadow file.

Classification

Working Poc 100%

Attack Type

Info Leak

Complexity

Trivial

Reliability

Reliable

Target: TP-Link TL-WR740N 3.12.11 Build 110915 Rel.40896n

Auth required

Prerequisites: Valid admin credentials for the router

MITRE ATT&CK

T1006 - Direct Volume Access

devstral-2 · analyzed Feb 18, 2026 Full analysis →

Details

Status pre_cve

Tracked Since Feb 18, 2026