EIP-2026-102302

PRE-CVE

UbiDisk File Manager 2.0 iOS - Multiple Web Vulnerabilities

Title source: legacy

Exploitation Summary

EIP tracks 1 public exploit for EIP-2026-102302. PoCs published by Vulnerability-Lab.

AI-analyzed exploit summary The exploit demonstrates a local file include vulnerability and an arbitrary file upload vulnerability in UbiDisk File Manager v2.0 iOS. The PoC shows how an attacker can include local files or upload malicious files with multiple extensions to bypass validation.

Description

UbiDisk File Manager 2.0 iOS - Multiple Web Vulnerabilities

Exploits (1)

exploitdb WORKING POC

by Vulnerability-Lab · textwebappsios

https://www.exploit-db.com/exploits/28977

View Code ZIP pw:eip

The exploit demonstrates a local file include vulnerability and an arbitrary file upload vulnerability in UbiDisk File Manager v2.0 iOS. The PoC shows how an attacker can include local files or upload malicious files with multiple extensions to bypass validation.

Classification

Working Poc 90%

Attack Type

Other

Complexity

Trivial

Reliability

Reliable

Target: UbiDisk File Manager v2.0 iOS

No auth needed

Prerequisites: Network access to the target device · UbiDisk File Manager v2.0 installed on iOS

MITRE ATT&CK

T1190 - Exploit Public-Facing Application T1059 - Command and Scripting Interpreter

devstral-2 · analyzed Feb 16, 2026 Full analysis →

Details

Status pre_cve

Tracked Since Feb 18, 2026