EIP-2026-117977
PRE-CVESurfnet 1.31 - Unauthorized Account Depositing
Title source: legacyExploitation Summary
EIP tracks 1 public exploit for EIP-2026-117977. PoCs published by Rift_XT.
AI-analyzed exploit summary This is a writeup describing a vulnerability in Surfnet kiosks where repeated authentication attempts can double the user's time. The provided URL path suggests a command injection or parameter manipulation issue.
Description
Surfnet 1.31 - Unauthorized Account Depositing
Exploits (1)
exploitdb
WRITEUP
VERIFIED
by Rift_XT · textlocalwindows
https://www.exploit-db.com/exploits/23511
This is a writeup describing a vulnerability in Surfnet kiosks where repeated authentication attempts can double the user's time. The provided URL path suggests a command injection or parameter manipulation issue.
Classification
Writeup 80%
Attack Type
Other
Complexity
Trivial
Reliability
Theoretical
Target:
Surfnet kiosks
Auth required
Prerequisites:
Access to a Surfnet kiosk · Valid or invalid credentials for authentication attempts
MITRE ATT&CK
devstral-2 · analyzed Feb 16, 2026
Full analysis →
Details
Status
pre_cve
Tracked Since
Feb 18, 2026