EIP-2026-100711

PRE-CVE

John O'Fallon Responder.cgi 1.0 - Denial of Service

Title source: legacy

Exploitation Summary

EIP tracks 1 public exploit for EIP-2026-100711. PoCs published by Epic.

AI-analyzed exploit summary This exploit demonstrates a denial of service (DoS) vulnerability in MacHTTP Server by sending an HTTP GET request with an excessively long query string to the 'responder.cgi' script, causing the server to freeze due to improper bounds checking.

Description

John O'Fallon Responder.cgi 1.0 - Denial of Service

Exploits (1)

exploitdb WORKING POC VERIFIED

by Epic · textdoscgi

https://www.exploit-db.com/exploits/21048

View Code ZIP pw:eip

This exploit demonstrates a denial of service (DoS) vulnerability in MacHTTP Server by sending an HTTP GET request with an excessively long query string to the 'responder.cgi' script, causing the server to freeze due to improper bounds checking.

Classification

Working Poc 90%

Attack Type

Dos

Complexity

Trivial

Reliability

Reliable

Target: MacHTTP Server (version not specified)

No auth needed

Prerequisites: Network access to the target MacHTTP Server · The 'responder.cgi' script must be present and accessible

MITRE ATT&CK

T1499 - Endpoint Denial of Service

devstral-2 · analyzed Feb 16, 2026 Full analysis →

Details

Status pre_cve

Tracked Since Feb 18, 2026