EIP-2026-106402

PRE-CVE

Dell Kace 1000 SMA 5.4.70402 - Persistent Cross-Site Scripting

Title source: legacy

Exploitation Summary

EIP tracks 1 public exploit for EIP-2026-106402. PoCs published by Vulnerability-Lab.

AI-analyzed exploit summary This is a detailed technical writeup describing multiple persistent XSS vulnerabilities in Dell Kace K1000 SMA v5.4.70402. The vulnerabilities are located in the 'Inventory' and 'Distribution' modules, allowing script injection via parameters like IP address, MAC address, and OS name.

Description

Dell Kace 1000 SMA 5.4.70402 - Persistent Cross-Site Scripting

Exploits (1)

exploitdb WRITEUP

by Vulnerability-Lab · textwebappsphp

https://www.exploit-db.com/exploits/26893

View Code ZIP pw:eip

This is a detailed technical writeup describing multiple persistent XSS vulnerabilities in Dell Kace K1000 SMA v5.4.70402. The vulnerabilities are located in the 'Inventory' and 'Distribution' modules, allowing script injection via parameters like IP address, MAC address, and OS name.

Classification

Writeup 95%

Attack Type

Xss

Complexity

Moderate

Reliability

Reliable

Target: Dell Kace K1000 SMA v5.4.70402

Auth required

Prerequisites: Access to the vulnerable modules · Low-privilege application user account

MITRE ATT&CK

T1059.007 - JavaScript

devstral-2 · analyzed Feb 18, 2026 Full analysis →

Details

Status pre_cve

Tracked Since Feb 18, 2026