EIP-2026-104077
PRE-CVEsipdroid 2.2 - SIP INVITE Response User Enumeration
Title source: legacyExploitation Summary
EIP tracks 1 public exploit for EIP-2026-104077. PoCs published by Anibal Vaz Marques.
AI-analyzed exploit summary This script is a SIP extension enumerator for SIPDroid, leveraging a user-enumeration weakness by sending INVITE requests and parsing responses for valid extensions. It does not exploit a vulnerability but scans for valid usernames.
Description
sipdroid 2.2 - SIP INVITE Response User Enumeration
Exploits (1)
exploitdb
SCANNER
VERIFIED
by Anibal Vaz Marques · pythonremotemultiple
https://www.exploit-db.com/exploits/35703
This script is a SIP extension enumerator for SIPDroid, leveraging a user-enumeration weakness by sending INVITE requests and parsing responses for valid extensions. It does not exploit a vulnerability but scans for valid usernames.
Classification
Scanner 95%
Attack Type
Info Leak
Complexity
Moderate
Reliability
Reliable
Target:
SIPDroid 1.6.1, 2.0.1, 2.2 (and potentially other versions)
No auth needed
Prerequisites:
Network access to the target SIP server · Knowledge of the target IP address
MITRE ATT&CK
devstral-2 · analyzed Feb 18, 2026
Full analysis →
Details
Status
pre_cve
Tracked Since
Feb 18, 2026