EIP-2026-100726

PRE-CVE

Sambar Server 4.1 Beta - Admin Access

Title source: legacy

Exploitation Summary

EIP tracks 1 public exploit for EIP-2026-100726. PoCs published by Michiel de Weerd.

AI-analyzed exploit summary This is a technical writeup describing an information disclosure vulnerability in Sambar Server's 'dumpenv.pl' utility and an authentication bypass using default credentials. It provides specific HTTP request paths to exploit these issues.

Description

Sambar Server 4.1 Beta - Admin Access

Exploits (1)

exploitdb WRITEUP VERIFIED

by Michiel de Weerd · textremotecgi

https://www.exploit-db.com/exploits/20570

View Code ZIP pw:eip

This is a technical writeup describing an information disclosure vulnerability in Sambar Server's 'dumpenv.pl' utility and an authentication bypass using default credentials. It provides specific HTTP request paths to exploit these issues.

Classification

Writeup 90%

Attack Type

Info Leak | Auth Bypass

Complexity

Trivial

Reliability

Reliable

Target: Sambar Server (version not specified)

No auth needed

Prerequisites: Default admin credentials not changed · Access to the target server's web interface

MITRE ATT&CK

T1592 - Gather Victim Host Information T1078 - Valid Accounts

devstral-2 · analyzed Feb 18, 2026 Full analysis →

Details

Status pre_cve

Tracked Since Feb 18, 2026