EIP-2026-100944

PRE-CVE

Zen Load Balancer 3.10.1 - Directory Traversal (Metasploit)

Title source: legacy

Exploitation Summary

EIP tracks 1 public exploit for EIP-2026-100944. PoCs published by Dhiraj Mishra.

AI-analyzed exploit summary This Metasploit module exploits an authenticated directory traversal vulnerability in Zen Load Balancer v3.10.1 via the 'filelog' parameter in 'index.cgi', allowing arbitrary file reads.

Description

Zen Load Balancer 3.10.1 - Directory Traversal (Metasploit)

Exploits (1)

exploitdb WORKING POC

by Dhiraj Mishra · rubywebappscgi

https://www.exploit-db.com/exploits/48373

View Code ZIP pw:eip

This Metasploit module exploits an authenticated directory traversal vulnerability in Zen Load Balancer v3.10.1 via the 'filelog' parameter in 'index.cgi', allowing arbitrary file reads.

Classification

Working Poc 95%

Attack Type

Info Leak

Complexity

Trivial

Reliability

Reliable

Target: Zen Load Balancer v3.10.1

Auth required

Prerequisites: Valid credentials for Zen Load Balancer · Network access to the target

MITRE ATT&CK

T1006 - Direct Volume Access

devstral-2 · analyzed Feb 18, 2026 Full analysis →

Details

Status pre_cve

Tracked Since Feb 18, 2026