EIP-2026-112909

PRE-CVE

up.time Software 5 - Administration Interface Remote Authentication Bypass

Title source: legacy

Exploitation Summary

EIP tracks 1 public exploit for EIP-2026-112909. PoCs published by James Burton.

AI-analyzed exploit summary This exploit demonstrates an authentication bypass vulnerability in up.time software by manipulating URL parameters to gain unauthorized admin access. The attack involves setting specific query parameters to bypass authentication checks.

Description

up.time Software 5 - Administration Interface Remote Authentication Bypass

Exploits (1)

exploitdb WORKING POC VERIFIED

by James Burton · textwebappsphp

https://www.exploit-db.com/exploits/35668

View Code ZIP pw:eip

This exploit demonstrates an authentication bypass vulnerability in up.time software by manipulating URL parameters to gain unauthorized admin access. The attack involves setting specific query parameters to bypass authentication checks.

Classification

Working Poc 90%

Attack Type

Auth Bypass

Complexity

Trivial

Reliability

Reliable

Target: up.time 5

No auth needed

Prerequisites: Network access to the target system · up.time software version 5 or potentially other versions

MITRE ATT&CK

T1110.001 - Password Guessing T1552 - Unsecured Credentials

devstral-2 · analyzed Feb 18, 2026 Full analysis →

Details

Status pre_cve

Tracked Since Feb 18, 2026