EIP-2026-102158

PRE-CVE

Cisco AnyConnect Secure Mobility Client 4.6.01099 - 'Introducir URL' Denial of Service (PoC)

Title source: legacy

Exploitation Summary

EIP tracks 1 public exploit for EIP-2026-102158. PoCs published by Luis Martínez.

AI-analyzed exploit summary This PoC exploits a local Denial of Service (DoS) vulnerability in Cisco AnyConnect Secure Mobility Client by generating an overly large buffer (12,380,000 bytes) and pasting it into the 'Introducir URL' field, causing the application to crash.

Description

Cisco AnyConnect Secure Mobility Client 4.6.01099 - 'Introducir URL' Denial of Service (PoC)

Exploits (1)

exploitdb WORKING POC

by Luis Martínez · pythondosios

https://www.exploit-db.com/exploits/45297

View Code ZIP pw:eip

This PoC exploits a local Denial of Service (DoS) vulnerability in Cisco AnyConnect Secure Mobility Client by generating an overly large buffer (12,380,000 bytes) and pasting it into the 'Introducir URL' field, causing the application to crash.

Classification

Working Poc 90%

Attack Type

Dos

Complexity

Trivial

Reliability

Reliable

Target: Cisco AnyConnect Secure Mobility Client 4.6.01099

No auth needed

Prerequisites: Access to the target iOS device · Cisco AnyConnect Secure Mobility Client installed

MITRE ATT&CK

T1499 - Endpoint Denial of Service

devstral-2 · analyzed Feb 16, 2026 Full analysis →

Details

Status pre_cve

Tracked Since Feb 18, 2026