EIP-2026-102135

PRE-CVE

ZO Tech Multiple Print Servers - Cross-Site Scripting

Title source: legacy

Exploitation Summary

EIP tracks 1 public exploit for EIP-2026-102135. PoCs published by b0telh0.

AI-analyzed exploit summary This exploit demonstrates a stored XSS vulnerability in multiple ZO Tech Print Servers. The vulnerability allows arbitrary script execution via the 'NDSContext' field in the 'NetWare NDS Settings' area, which is then triggered when accessing the Netware status page.

Description

ZO Tech Multiple Print Servers - Cross-Site Scripting

Exploits (1)

exploitdb WORKING POC

by b0telh0 · textwebappshardware

https://www.exploit-db.com/exploits/17115

View Code ZIP pw:eip

This exploit demonstrates a stored XSS vulnerability in multiple ZO Tech Print Servers. The vulnerability allows arbitrary script execution via the 'NDSContext' field in the 'NetWare NDS Settings' area, which is then triggered when accessing the Netware status page.

Classification

Working Poc 90%

Attack Type

Xss

Complexity

Trivial

Reliability

Reliable

Target: ZO Tech PA101, PU201, PA301, PS531 Print Servers (multiple firmware versions)

No auth needed

Prerequisites: Access to the web interface of the vulnerable print server

MITRE ATT&CK

T1059.007 - JavaScript

devstral-2 · analyzed Feb 16, 2026 Full analysis →

Details

Status pre_cve

Tracked Since Feb 18, 2026