EIP-2026-103226

PRE-CVE

SquidGuard 1.x - NULL URL Character Unauthorized Access

Title source: legacy
STIX 2.1

Exploitation Summary

EIP tracks 1 public exploit for EIP-2026-103226. PoCs published by Petko Popadiyski.

AI-analyzed exploit summary The exploit describes a remote NULL URL character unauthorized access vulnerability in SquidGuard. The issue arises from improper filtering of invalid URIs, allowing attackers to bypass access controls and gain unauthorized access to sensitive resources.

Description

SquidGuard 1.x - NULL URL Character Unauthorized Access

Exploits (1)

exploitdb WRITEUP VERIFIED
by Petko Popadiyski · textremotelinux
https://www.exploit-db.com/exploits/23848

The exploit describes a remote NULL URL character unauthorized access vulnerability in SquidGuard. The issue arises from improper filtering of invalid URIs, allowing attackers to bypass access controls and gain unauthorized access to sensitive resources.

Classification
Writeup 90%
Attack Type
Auth Bypass
Complexity
Trivial
Reliability
Reliable
Target: SquidGuard
No auth needed
Prerequisites: Network access to the target SquidGuard instance
mistral-large-3 · analyzed Feb 18, 2026 Full analysis →

Details

Status pre_cve
Tracked Since Feb 18, 2026