EIP-2026-104118

PRE-CVE

Vivotek IP Cameras - Remote Stack Overflow (PoC)

Title source: legacy

Exploitation Summary

EIP tracks 1 public exploit for EIP-2026-104118. PoCs published by bashis.

AI-analyzed exploit summary This exploit demonstrates a remote stack overflow vulnerability in Vivotek IP cameras by sending a malformed HTTP PUT/POST request with an overly long Content-Length header. The PoC triggers a segmentation fault by overwriting registers (R4-R11) and the program counter (PC), confirming the vulnerability.

Description

Vivotek IP Cameras - Remote Stack Overflow (PoC)

Exploits (1)

exploitdb WORKING POC

by bashis · textremotemultiple

https://www.exploit-db.com/exploits/44001

View Code ZIP pw:eip

This exploit demonstrates a remote stack overflow vulnerability in Vivotek IP cameras by sending a malformed HTTP PUT/POST request with an overly long Content-Length header. The PoC triggers a segmentation fault by overwriting registers (R4-R11) and the program counter (PC), confirming the vulnerability.

Classification

Working Poc 95%

Attack Type

Rce

Complexity

Moderate

Reliability

Reliable

Target: Vivotek IP Cameras (multiple models, firmware versions from 2017)

No auth needed

Prerequisites: Network access to the vulnerable camera · Camera running affected firmware (2017 versions)

MITRE ATT&CK

T1190 - Exploit Public-Facing Application T1203 - Exploitation for Client Execution

devstral-2 · analyzed Feb 18, 2026 Full analysis →

Details

Status pre_cve

Tracked Since Feb 18, 2026