EIP-2026-102473

The exploit demonstrates multiple directory traversal vulnerabilities in Dalim Software ES Core, allowing unauthenticated attackers to read arbitrary files via crafted HTTP requests targeting parameters like 'orgName' and 'file'. The PoC includes curl commands and HTTP requests that successfully retrieve sensitive files (e.g., /etc/passwd).