EIP-2026-104241

PRE-CVE

Ericom Access Server x64 9.2.0 - Server-Side Request Forgery

Title source: legacy

Exploitation Summary

EIP tracks 1 public exploit for EIP-2026-104241. PoCs published by hyp3rlinx.

AI-analyzed exploit summary This exploit demonstrates a Server-Side Request Forgery (SSRF) vulnerability in Ericom Access Server x64 9.2.0. It uses WebSocket connections to probe arbitrary hosts and ports, returning whether the port is open or closed based on the server's response.

Description

Ericom Access Server x64 9.2.0 - Server-Side Request Forgery

Exploits (1)

exploitdb WORKING POC

by hyp3rlinx · textwebappsmultiple

https://www.exploit-db.com/exploits/48765

View Code ZIP pw:eip

This exploit demonstrates a Server-Side Request Forgery (SSRF) vulnerability in Ericom Access Server x64 9.2.0. It uses WebSocket connections to probe arbitrary hosts and ports, returning whether the port is open or closed based on the server's response.

Classification

Working Poc 100%

Attack Type

Ssrf

Complexity

Trivial

Reliability

Reliable

Target: Ericom Access Server x64 for (AccessNow & Ericom Blaze) v9.2.0

No auth needed

Prerequisites: Network access to the vulnerable Ericom Access Server · Python with websocket-client library installed

MITRE ATT&CK

T1083 - File and Directory Discovery T1133 - External Remote Services

devstral-2 · analyzed Feb 18, 2026 Full analysis →

Details

Status pre_cve

Tracked Since Feb 18, 2026