EIP-2026-104693
PRE-CVEABB Cylon Aspect 4.00.00 (factorySetSerialNum.php) - Remote Code Execution
Title source: legacyExploitation Summary
EIP tracks 1 public exploit for EIP-2026-104693. PoCs published by LiquidWorm.
AI-analyzed exploit summary This exploit demonstrates an unauthenticated blind command injection vulnerability in ABB Cylon Aspect's factorySetSerialNum.php. The vulnerability allows arbitrary command execution via the 'serial' and 'ManufactureDate' POST parameters, which are not properly sanitized.
Description
ABB Cylon Aspect 4.00.00 (factorySetSerialNum.php) - Remote Code Execution
Exploits (1)
This exploit demonstrates an unauthenticated blind command injection vulnerability in ABB Cylon Aspect's factorySetSerialNum.php. The vulnerability allows arbitrary command execution via the 'serial' and 'ManufactureDate' POST parameters, which are not properly sanitized.