EIP-2026-102103

Exploitation Summary

EIP tracks 1 public exploit for EIP-2026-102103. PoCs published by Andrea Fabrizi.

AI-analyzed exploit summary This is a detailed advisory describing multiple vulnerabilities in Visual Tools DVR systems, including password disclosure, default credentials, log file exposure, command injection, and privilege escalation via insecure permissions. No actual exploit code is provided, only descriptions and manual steps.

Description

Visual Tools DVR3.0.6.16_ vx series 4.2.19.2 - Multiple Vulnerabilities

Exploits (1)

exploitdb WRITEUP

by Andrea Fabrizi · textwebappshardware

https://www.exploit-db.com/exploits/22005

View Code ZIP pw:eip

This is a detailed advisory describing multiple vulnerabilities in Visual Tools DVR systems, including password disclosure, default credentials, log file exposure, command injection, and privilege escalation via insecure permissions. No actual exploit code is provided, only descriptions and manual steps.

Classification

Writeup 100%

Attack Type

Info Leak | Auth Bypass | Rce | Lpe

Complexity

Trivial

Reliability

Reliable

Target: Visual Tools DVR VS Series <= 3.0.6.16, VX Series <= 4.2.19.2

No auth needed

Prerequisites: Network access to the DVR system · For some exploits, valid session ID or authentication

MITRE ATT&CK

T1552 - Unsecured Credentials T1078 - Valid Accounts T1213 - Data from Information Repositories T1202 - Indirect Command Execution T1059 - Command and Scripting Interpreter

devstral-2 · analyzed Feb 16, 2026 Full analysis →

Visual Tools DVR3.0.6.16_ vx series 4.2.19.2 - Multiple Vulnerabilities

Exploitation Summary

Description

Exploits (1)

Details