EIP-2026-102106

PRE-CVE

Vodafone Mobile Wifi - Reset Admin Password

Title source: legacy

Exploitation Summary

EIP tracks 1 public exploit for EIP-2026-102106. PoCs published by Daniele Linguaglossa.

AI-analyzed exploit summary This exploit performs a session token bruteforce attack against Vodafone Mobile WiFi routers to reset the admin password. It uses a multi-threaded approach to guess valid session tokens and then sends a factory reset command to change the password to 'admin'.

Description

Vodafone Mobile Wifi - Reset Admin Password

Exploits (1)

exploitdb WORKING POC

by Daniele Linguaglossa · pythonwebappshardware

https://www.exploit-db.com/exploits/40357

View Code ZIP pw:eip

This exploit performs a session token bruteforce attack against Vodafone Mobile WiFi routers to reset the admin password. It uses a multi-threaded approach to guess valid session tokens and then sends a factory reset command to change the password to 'admin'.

Classification

Working Poc 95%

Attack Type

Auth Bypass

Complexity

Moderate

Reliability

Reliable

Target: Vodafone Mobile WiFi router (specific version not specified)

No auth needed

Prerequisites: Network access to the router's admin interface (192.168.0.1) · Knowledge of approximate login time of the admin

MITRE ATT&CK

T1110 - Brute Force T1078 - Valid Accounts

devstral-2 · analyzed Feb 18, 2026 Full analysis →

Details

Status pre_cve

Tracked Since Feb 18, 2026