EIP-2026-103238
PRE-CVEViola DVR VIO-4/1000 - Multiple Directory Traversal Vulnerabilities
Title source: legacyExploitation Summary
EIP tracks 1 public exploit for EIP-2026-103238. PoCs published by QSecure.
AI-analyzed exploit summary The exploit demonstrates a directory traversal vulnerability in Viola DVR by crafting URLs that access sensitive files (e.g., /etc/passwd) via unsanitized input in the 'FILEFAIL' and 'FILECAMERA' parameters. This allows unauthorized information disclosure.
Description
Viola DVR VIO-4/1000 - Multiple Directory Traversal Vulnerabilities
Exploits (1)
exploitdb
WORKING POC
VERIFIED
by QSecure · textremotelinux
https://www.exploit-db.com/exploits/35644
The exploit demonstrates a directory traversal vulnerability in Viola DVR by crafting URLs that access sensitive files (e.g., /etc/passwd) via unsanitized input in the 'FILEFAIL' and 'FILECAMERA' parameters. This allows unauthorized information disclosure.
Classification
Working Poc 90%
Attack Type
Info Leak
Complexity
Trivial
Reliability
Reliable
Target:
Viola DVR VIO-4/1000
No auth needed
Prerequisites:
Network access to the target device
MITRE ATT&CK
devstral-2 · analyzed Feb 18, 2026
Full analysis →
Details
Status
pre_cve
Tracked Since
Feb 18, 2026