EIP-2026-104475

PRE-CVE

Verax NMS - Multiple Method Authentication Bypass

Title source: legacy

Exploitation Summary

EIP tracks 1 public exploit for EIP-2026-104475. PoCs published by Andrew Brooks.

AI-analyzed exploit summary This Python script exploits an information disclosure vulnerability in Verax NMS by leveraging AMF deserialization to retrieve all user data via the 'userService.getAllUsers()' method. It uses the PyAMF library to interact with the AMF endpoint, demonstrating unauthorized access to sensitive information.

Description

Verax NMS - Multiple Method Authentication Bypass

Exploits (1)

exploitdb WORKING POC VERIFIED

by Andrew Brooks · pythonwebappsmultiple

https://www.exploit-db.com/exploits/38366

View Code ZIP pw:eip

This Python script exploits an information disclosure vulnerability in Verax NMS by leveraging AMF deserialization to retrieve all user data via the 'userService.getAllUsers()' method. It uses the PyAMF library to interact with the AMF endpoint, demonstrating unauthorized access to sensitive information.

Classification

Working Poc 90%

Attack Type

Info Leak

Complexity

Trivial

Reliability

Reliable

Target: Verax NMS < 2.1.0

No auth needed

Prerequisites: Network access to the Verax NMS AMF endpoint · PyAMF library installed

MITRE ATT&CK

T1059 - Command and Scripting Interpreter T1119 - Automated Collection

devstral-2 · analyzed Feb 18, 2026 Full analysis →

Details

Status pre_cve

Tracked Since Feb 18, 2026