EIP-2026-103244

PRE-CVE

WIDZ 1.0/1.5 - Remote Code Execution

Title source: legacy

Exploitation Summary

EIP tracks 1 public exploit for EIP-2026-103244. PoCs published by kf.

AI-analyzed exploit summary This exploit leverages command injection in WIDZ by setting an unauthorized access point's ESSID to a malicious payload. The system() call in the alert generation process executes the injected command, leading to remote code execution.

Description

WIDZ 1.0/1.5 - Remote Code Execution

Exploits (1)

exploitdb WORKING POC VERIFIED

by kf · textremotelinux

https://www.exploit-db.com/exploits/23054

View Code ZIP pw:eip

This exploit leverages command injection in WIDZ by setting an unauthorized access point's ESSID to a malicious payload. The system() call in the alert generation process executes the injected command, leading to remote code execution.

Classification

Working Poc 90%

Attack Type

Rce

Complexity

Trivial

Reliability

Reliable

Target: WIDZ (version not specified)

No auth needed

Prerequisites: Access to configure an unauthorized wireless access point · Victim system running WIDZ with vulnerable alert generation

MITRE ATT&CK

T1059 - Command and Scripting Interpreter T1190 - Exploit Public-Facing Application

devstral-2 · analyzed Feb 18, 2026 Full analysis →

Details

Status pre_cve

Tracked Since Feb 18, 2026