EIP-2026-102357

PRE-CVE

APC PowerChute Network Shutdown - HTTP Response Splitting / Cross-Site Scripting

Title source: legacy

Exploitation Summary

EIP tracks 1 public exploit for EIP-2026-102357. PoCs published by Digital Security Research Group.

AI-analyzed exploit summary The document describes HTTP response splitting and XSS vulnerabilities in APC PowerChute Network Shutdown, detailing specific attack vectors and example payloads. It includes technical details about vulnerable parameters and server responses.

Description

APC PowerChute Network Shutdown - HTTP Response Splitting / Cross-Site Scripting

Exploits (1)

exploitdb WRITEUP VERIFIED

by Digital Security Research Group · htmlwebappsjava

https://www.exploit-db.com/exploits/32821

View Code ZIP pw:eip

The document describes HTTP response splitting and XSS vulnerabilities in APC PowerChute Network Shutdown, detailing specific attack vectors and example payloads. It includes technical details about vulnerable parameters and server responses.

Classification

Writeup 90%

Attack Type

Xss

Complexity

Trivial

Reliability

Reliable

Target: APC PowerChute Network Shutdown

No auth needed

Prerequisites: Network access to the vulnerable application

MITRE ATT&CK

T1059.007 - JavaScript

devstral-2 · analyzed Feb 18, 2026 Full analysis →

Details

Status pre_cve

Tracked Since Feb 18, 2026