EIP-2026-103119

PRE-CVE

GNU gdbserver 9.2 - Remote Command Execution (RCE)

Title source: legacy

Exploitation Summary

EIP tracks 1 public exploit for EIP-2026-103119. PoCs published by Roberto Gesteira Miñarro.

AI-analyzed exploit summary This exploit targets GNU gdbserver 9.2, leveraging the remote protocol to inject shellcode into the debugged process. It supports both x64 and x86 architectures, using the 'M' packet to write payloads and 'vCont' to resume execution.

Description

GNU gdbserver 9.2 - Remote Command Execution (RCE)

Exploits (1)

exploitdb WORKING POC

by Roberto Gesteira Miñarro · pythonremotelinux

https://www.exploit-db.com/exploits/50539

View Code ZIP pw:eip

This exploit targets GNU gdbserver 9.2, leveraging the remote protocol to inject shellcode into the debugged process. It supports both x64 and x86 architectures, using the 'M' packet to write payloads and 'vCont' to resume execution.

Classification

Working Poc 95%

Attack Type

Rce

Complexity

Moderate

Reliability

Reliable

Target: GNU gdbserver 9.2 (Ubuntu 9.2-0ubuntu1~20.04)

No auth needed

Prerequisites: gdbserver running with remote debugging enabled · network access to the target · pre-generated shellcode file

MITRE ATT&CK

T1203 - Exploitation for Client Execution T1059 - Command and Scripting Interpreter

devstral-2 · analyzed Feb 16, 2026 Full analysis →

Details

Status pre_cve

Tracked Since Feb 18, 2026