EIP-2026-102144

PRE-CVE

Zyxel P-660HW-61 Firmware < 3.40(PE.11)C0 Router - Local File Inclusion

Title source: legacy

Exploitation Summary

EIP tracks 1 public exploit for EIP-2026-102144. PoCs published by ReverseBrain.

AI-analyzed exploit summary This exploit demonstrates a Local File Inclusion (LFI) vulnerability in Zyxel P-660HW-61 routers. By manipulating the 'getpage' parameter in the URL, an authenticated user can read arbitrary files from the device's filesystem.

Description

Zyxel P-660HW-61 Firmware < 3.40(PE.11)C0 Router - Local File Inclusion

Exploits (1)

exploitdb WORKING POC

by ReverseBrain · textwebappshardware

https://www.exploit-db.com/exploits/41998

View Code ZIP pw:eip

This exploit demonstrates a Local File Inclusion (LFI) vulnerability in Zyxel P-660HW-61 routers. By manipulating the 'getpage' parameter in the URL, an authenticated user can read arbitrary files from the device's filesystem.

Classification

Working Poc 90%

Attack Type

Info Leak

Complexity

Trivial

Reliability

Reliable

Target: Zyxel P-660HW-61 < 3.40(PE.11)C0

Auth required

Prerequisites: Access to the router's web interface · Valid credentials for authentication

MITRE ATT&CK

T1005 - Data from Local System

devstral-2 · analyzed Feb 18, 2026 Full analysis →

Details

Status pre_cve

Tracked Since Feb 18, 2026