EIP-2026-105669

PRE-CVE

C.P.Sub 4.5 - Authentication Bypass

Title source: legacy

Exploitation Summary

EIP tracks 1 public exploit for EIP-2026-105669. PoCs published by Chako.

AI-analyzed exploit summary This exploit describes an authentication bypass vulnerability in C.P.Sub <= v4.5, where the 'user_com' parameter can be manipulated to gain admin privileges. It also mentions default accounts that allow access to the back-end management page.

Description

C.P.Sub 4.5 - Authentication Bypass

Exploits (1)

exploitdb WRITEUP

by Chako · pythonwebappsphp

https://www.exploit-db.com/exploits/26521

View Code ZIP pw:eip

This exploit describes an authentication bypass vulnerability in C.P.Sub <= v4.5, where the 'user_com' parameter can be manipulated to gain admin privileges. It also mentions default accounts that allow access to the back-end management page.

Classification

Writeup 90%

Attack Type

Auth Bypass

Complexity

Trivial

Reliability

Reliable

Target: C.P.Sub <= v4.5

No auth needed

Prerequisites: Access to the target application

MITRE ATT&CK

T1110 - Brute Force T1078 - Valid Accounts

devstral-2 · analyzed Feb 16, 2026 Full analysis →

Details

Status pre_cve

Tracked Since Feb 18, 2026