EIP-2026-117697

PRE-CVE

NO-IP.com Dynamic DNS Update Client 2.2.1 - 'Request' Insecure Encoding Algorithm

Title source: legacy

Exploitation Summary

EIP tracks 1 public exploit for EIP-2026-117697. PoCs published by sinn3r.

AI-analyzed exploit summary This script decodes intercepted NO-IP.com Dynamic DNS Update Client (DUC) v2.2.1 requests, revealing credentials by reversing a custom encoding scheme (base64, XOR, and string reversal). It operates in two modes: manual decoding or live sniffing on port 8245.

Description

NO-IP.com Dynamic DNS Update Client 2.2.1 - 'Request' Insecure Encoding Algorithm

Exploits (1)

exploitdb WORKING POC VERIFIED

by sinn3r · pythonlocalwindows

https://www.exploit-db.com/exploits/14029

View Code ZIP pw:eip

This script decodes intercepted NO-IP.com Dynamic DNS Update Client (DUC) v2.2.1 requests, revealing credentials by reversing a custom encoding scheme (base64, XOR, and string reversal). It operates in two modes: manual decoding or live sniffing on port 8245.

Classification

Working Poc 95%

Attack Type

Info Leak

Complexity

Moderate

Reliability

Reliable

Target: NO-IP.com Dynamic DNS Update Client (DUC) v2.2.1

No auth needed

Prerequisites: Network access to intercept traffic on port 8245 · NO-IP DUC v2.2.1 sending unencrypted/encoded requests

MITRE ATT&CK

T1557 - Adversary-in-the-Middle T1040 - Network Sniffing

devstral-2 · analyzed Feb 18, 2026 Full analysis →

Details

Status pre_cve

Tracked Since Feb 18, 2026