EIP-2026-102348

PRE-CVE

PowerFolder Server 10.4.321 - Remote Code Execution

Title source: legacy

Exploitation Summary

EIP tracks 1 public exploit for EIP-2026-102348. PoCs published by Hans-Martin Muench.

AI-analyzed exploit summary This advisory describes a remote code execution vulnerability in PowerFolder Server 10.4.321 due to unsafe deserialization of Java objects. The exploit leverages a modified Apache Commons library, bypassing removed dangerous classes to achieve RCE via a gadget chain.

Description

PowerFolder Server 10.4.321 - Remote Code Execution

Exploits (1)

exploitdb WRITEUP VERIFIED

by Hans-Martin Muench · textremotejava

https://www.exploit-db.com/exploits/39854

View Code ZIP pw:eip

This advisory describes a remote code execution vulnerability in PowerFolder Server 10.4.321 due to unsafe deserialization of Java objects. The exploit leverages a modified Apache Commons library, bypassing removed dangerous classes to achieve RCE via a gadget chain.

Classification

Writeup 100%

Attack Type

Deserialization

Complexity

Moderate

Reliability

Reliable

Target: PowerFolder Server 10.4.321 (Linux/Windows)

No auth needed

Prerequisites: Network access to TCP port 1337 · PowerFolder Server 10.4.321 or potentially other versions

MITRE ATT&CK

T1505 - Server Software Component

devstral-2 · analyzed Feb 16, 2026 Full analysis →

Details

Status pre_cve

Tracked Since Feb 18, 2026