EIP-2026-110311

PRE-CVE

OpenNetAdmin 13.03.01 - Remote Code Execution

Title source: legacy
STIX 2.1

Exploitation Summary

EIP tracks 1 public exploit for EIP-2026-110311. PoCs published by Mandat0ry.

AI-analyzed exploit summary This exploit leverages an unauthenticated remote code execution vulnerability in OpenNetAdmin by injecting PHP code into the log file via the module description parameter. The log file is then included as a module, executing the injected code.

Description

OpenNetAdmin 13.03.01 - Remote Code Execution

Exploits (1)

exploitdb WORKING POC VERIFIED
by Mandat0ry · textwebappsphp
https://www.exploit-db.com/exploits/26682

This exploit leverages an unauthenticated remote code execution vulnerability in OpenNetAdmin by injecting PHP code into the log file via the module description parameter. The log file is then included as a module, executing the injected code.

Classification
Working Poc 95%
Attack Type
Rce
Complexity
Trivial
Reliability
Reliable
Target: OpenNetAdmin 13.03.01
No auth needed
Prerequisites: Access to the target's web interface · Write permissions to the log file
mistral-large-3 · analyzed Feb 18, 2026 Full analysis →

Details

Status pre_cve
Tracked Since Feb 18, 2026