EIP-2026-104247

PRE-CVE

EyesOfNetwork 5.3 - RCE & PrivEsc

Title source: legacy

Exploitation Summary

EIP tracks 1 public exploit for EIP-2026-104247. PoCs published by Audencia Business SCHOOL Red Team.

AI-analyzed exploit summary The exploit demonstrates an authenticated remote code execution (RCE) vulnerability in EyesOfNetwork 5.3 via the 'autodiscovery.php' page, where the 'target' input is not sanitized, allowing command injection. It also details a privilege escalation (PrivEsc) method leveraging sudo misconfiguration on the 'nmap' binary.

Description

EyesOfNetwork 5.3 - RCE & PrivEsc

Exploits (1)

exploitdb WORKING POC

by Audencia Business SCHOOL Red Team · textwebappsmultiple

https://www.exploit-db.com/exploits/49402

View Code ZIP pw:eip

The exploit demonstrates an authenticated remote code execution (RCE) vulnerability in EyesOfNetwork 5.3 via the 'autodiscovery.php' page, where the 'target' input is not sanitized, allowing command injection. It also details a privilege escalation (PrivEsc) method leveraging sudo misconfiguration on the 'nmap' binary.

Classification

Working Poc 90%

Attack Type

Rce

Complexity

Trivial

Reliability

Reliable

Target: EyesOfNetwork 5.3

Auth required

Prerequisites: Access to the '/autodiscovery.php' page · Valid credentials for authentication · Network connectivity to the target

MITRE ATT&CK

T1059 - Command and Scripting Interpreter T1068 - Exploitation for Privilege Escalation

devstral-2 · analyzed Feb 18, 2026 Full analysis →

Details

Status pre_cve

Tracked Since Feb 18, 2026