EIP-2026-102122

PRE-CVE

WiseGiga NAS - Multiple Vulnerabilities

Title source: legacy

Exploitation Summary

EIP tracks 1 public exploit for EIP-2026-102122. PoCs published by Pierre Kim.

AI-analyzed exploit summary This advisory details multiple vulnerabilities in WiseGiga NAS devices, including pre- and post-authentication local file inclusion, remote command execution as root, CSRF-based RCE, information leakage, and default credentials. The analysis includes proof-of-concept examples and technical explanations of the vulnerabilities.

Description

WiseGiga NAS - Multiple Vulnerabilities

Exploits (1)

exploitdb WRITEUP

by Pierre Kim · textwebappshardware

https://www.exploit-db.com/exploits/42651

View Code ZIP pw:eip

This advisory details multiple vulnerabilities in WiseGiga NAS devices, including pre- and post-authentication local file inclusion, remote command execution as root, CSRF-based RCE, information leakage, and default credentials. The analysis includes proof-of-concept examples and technical explanations of the vulnerabilities.

Classification

Writeup 100%

Attack Type

Rce | Info Leak | Auth Bypass

Complexity

Trivial

Reliability

Reliable

Target: WiseGiga NAS devices

No auth needed

Prerequisites: Network access to the target device

MITRE ATT&CK

T1190 - Exploit Public-Facing Application T1068 - Exploitation for Privilege Escalation T1059 - Command and Scripting Interpreter

devstral-2 · analyzed Feb 18, 2026 Full analysis →

Details

Status pre_cve

Tracked Since Feb 18, 2026