EIP-2026-102195

PRE-CVE

Air Drive Plus - Multiple Input Validation Vulnerabilities

Title source: legacy

Exploitation Summary

EIP tracks 1 public exploit for EIP-2026-102195. PoCs published by Benjamin Kunz Mejri.

AI-analyzed exploit summary The provided text describes multiple input validation vulnerabilities in Air Drive Plus, including local file inclusion, arbitrary file upload, and HTML injection. It includes example URLs demonstrating these vulnerabilities but lacks executable exploit code.

Description

Air Drive Plus - Multiple Input Validation Vulnerabilities

Exploits (1)

exploitdb WRITEUP VERIFIED

by Benjamin Kunz Mejri · textremoteios

https://www.exploit-db.com/exploits/38634

View Code ZIP pw:eip

The provided text describes multiple input validation vulnerabilities in Air Drive Plus, including local file inclusion, arbitrary file upload, and HTML injection. It includes example URLs demonstrating these vulnerabilities but lacks executable exploit code.

Classification

Writeup 90%

Attack Type

Other

Complexity

Trivial

Reliability

Theoretical

Target: Air Drive Plus 2.4

No auth needed

Prerequisites: Access to the vulnerable Air Drive Plus application

MITRE ATT&CK

T1190 - Exploit Public-Facing Application T1059 - Command and Scripting Interpreter

devstral-2 · analyzed Feb 16, 2026 Full analysis →

Details

Status pre_cve

Tracked Since Feb 18, 2026