EIP-2026-101189

PRE-CVE

Check Point FW-1 Syslog Daemon - Unfiltered Escape Sequence

Title source: legacy
STIX 2.1

Exploitation Summary

EIP tracks 1 public exploit for EIP-2026-101189. PoCs published by Dr. Peter Bieringer.

AI-analyzed exploit summary This exploit demonstrates a vulnerability in the Check Point FW-1 syslog daemon where malformed syslog messages containing escape sequences can cause unpredictable behavior. The PoC sends a crafted syslog message with escape sequences via UDP to port 514, potentially disrupting the syslog daemon's normal operation.

Description

Check Point FW-1 Syslog Daemon - Unfiltered Escape Sequence

Exploits (1)

exploitdb WORKING POC VERIFIED
by Dr. Peter Bieringer · textremotehardware
https://www.exploit-db.com/exploits/22394

This exploit demonstrates a vulnerability in the Check Point FW-1 syslog daemon where malformed syslog messages containing escape sequences can cause unpredictable behavior. The PoC sends a crafted syslog message with escape sequences via UDP to port 514, potentially disrupting the syslog daemon's normal operation.

Classification
Working Poc 80%
Attack Type
Dos
Complexity
Trivial
Reliability
Theoretical
Target: Check Point FW-1 syslog daemon
No auth needed
Prerequisites: Network access to the target syslog daemon (UDP port 514)
mistral-large-3 · analyzed Feb 16, 2026 Full analysis →

Details

Status pre_cve
Tracked Since Feb 18, 2026