EIP-2026-103180

PRE-CVE

op5 7.1.9 - Configuration Command Execution (Metasploit)

Title source: legacy

Exploitation Summary

EIP tracks 1 public exploit for EIP-2026-103180. PoCs published by Metasploit.

AI-analyzed exploit summary This Metasploit module exploits a command injection vulnerability in op5 Monitor v7.1.9 and below by abusing the 'Test this command' feature in the configuration page to achieve remote code execution as an unprivileged user.

Description

op5 7.1.9 - Configuration Command Execution (Metasploit)

Exploits (1)

exploitdb WORKING POC VERIFIED

by Metasploit · rubyremotelinux

https://www.exploit-db.com/exploits/39973

View Code ZIP pw:eip

This Metasploit module exploits a command injection vulnerability in op5 Monitor v7.1.9 and below by abusing the 'Test this command' feature in the configuration page to achieve remote code execution as an unprivileged user.

Classification

Working Poc 100%

Attack Type

Rce

Complexity

Moderate

Reliability

Reliable

Target: op5 Monitor v7.1.9 and below

Auth required

Prerequisites: Valid credentials for the op5 Monitor application · Network access to the target system

MITRE ATT&CK

T1203 - Exploitation for Client Execution T1059 - Command and Scripting Interpreter

devstral-2 · analyzed Feb 16, 2026 Full analysis →

Details

Status pre_cve

Tracked Since Feb 18, 2026