EIP-2026-102666

PRE-CVE

Mabry Software FTPServer/X 1.0 - Controls Format String

Title source: legacy
STIX 2.1

Exploitation Summary

EIP tracks 1 public exploit for EIP-2026-102666. PoCs published by Jan-Olivier Fillols.

AI-analyzed exploit summary This is a vulnerability writeup describing a format string vulnerability in FTPServer/X COM Object version 1.00.050. The issue allows remote attackers to crash the server or potentially execute arbitrary code via format string specifiers in FTP commands like 'user', 'mkdir', and 'rename'.

Description

Mabry Software FTPServer/X 1.0 - Controls Format String

Exploits (1)

exploitdb WRITEUP VERIFIED
by Jan-Olivier Fillols · textdoslinux
https://www.exploit-db.com/exploits/23539

This is a vulnerability writeup describing a format string vulnerability in FTPServer/X COM Object version 1.00.050. The issue allows remote attackers to crash the server or potentially execute arbitrary code via format string specifiers in FTP commands like 'user', 'mkdir', and 'rename'.

Classification
Writeup 90%
Attack Type
Rce
Complexity
Moderate
Reliability
Theoretical
Target: FTPServer/X COM Object version 1.00.050
No auth needed
Prerequisites: Network access to the vulnerable FTP server
mistral-large-3 · analyzed Feb 16, 2026 Full analysis →

Details

Status pre_cve
Tracked Since Feb 18, 2026