CVE-2005-0521

SendLink 1.5 - Privilege Escalation

Title source: llm

Exploitation Summary

EIP tracks 1 public exploit for CVE-2005-0521. PoCs published by Kozan.

AI-analyzed exploit summary This exploit reads sensitive information (host IP, hostname, port, options, serial, and registration code) from the SendLink v1.5 application's data file. It leverages improper storage of credentials in a local file to disclose them to an attacker with local access.

Description

SendLink 1.5 stores sensitive information, possibly including passwords, in plaintext in the data.eat file, which allows local users to gain privileges.

Exploits (1)

exploitdb WORKING POC VERIFIED

by Kozan · clocalwindows

https://www.exploit-db.com/exploits/835

View Code ZIP pw:eip

This exploit reads sensitive information (host IP, hostname, port, options, serial, and registration code) from the SendLink v1.5 application's data file. It leverages improper storage of credentials in a local file to disclose them to an attacker with local access.

Classification

Working Poc 90%

Attack Type

Info Leak

Complexity

Trivial

Reliability

Reliable

Target: SendLink v1.5

No auth needed

Prerequisites: Local access to the system where SendLink v1.5 is installed

MITRE ATT&CK

T1552.001 - Credentials In Files

devstral-2 · analyzed Feb 16, 2026 Full analysis →

References (1)

Core 1

Core References

Vendor Advisory vdb-entry x_refsource_sectrack

http://securitytracker.com/id?1013269

Scores

EPSS 0.0062

EPSS Percentile 45.0%

Details

Status published

Published Feb 23, 2005

Tracked Since Feb 18, 2026