EIP-2026-118368

PRE-CVE

ClearSCADA - Remote Authentication Bypass

Title source: legacy

Exploitation Summary

EIP tracks 1 public exploit for EIP-2026-118368. PoCs published by Jeremy Brown.

AI-analyzed exploit summary This exploit triggers an exception in ClearSCADA's dbserver.exe to force it into 'Safe Mode', bypassing authentication and exposing diagnostic functions. It sends three crafted packets to induce the exception and checks if the diagnostic page is accessible without authentication.

Description

ClearSCADA - Remote Authentication Bypass

Exploits (1)

exploitdb WORKING POC

by Jeremy Brown · pythonremotewindows

https://www.exploit-db.com/exploits/35924

View Code ZIP pw:eip

This exploit triggers an exception in ClearSCADA's dbserver.exe to force it into 'Safe Mode', bypassing authentication and exposing diagnostic functions. It sends three crafted packets to induce the exception and checks if the diagnostic page is accessible without authentication.

Classification

Working Poc 95%

Attack Type

Auth Bypass

Complexity

Moderate

Reliability

Reliable

Target: ClearSCADA 2010R1

No auth needed

Prerequisites: Network access to the target system · ClearSCADA 2010R1 running on Windows

MITRE ATT&CK

T1562.001 - Disable or Modify Tools T1190 - Exploit Public-Facing Application

devstral-2 · analyzed Feb 16, 2026 Full analysis →

Details

Status pre_cve

Tracked Since Feb 18, 2026