EIP-2026-103228

PRE-CVE

Subversion 0.3.7/1.0.0 - Remote Buffer Overflow

Title source: legacy

Exploitation Summary

EIP tracks 1 public exploit for EIP-2026-103228. PoCs published by greuff.

AI-analyzed exploit summary This exploit targets a buffer overflow vulnerability in Subversion servers (1.0.0 and 0.37) to achieve remote code execution. It uses a two-stage payload: the first stage searches for the socket file descriptor and reads the second stage, which spawns a shell.

Description

Subversion 0.3.7/1.0.0 - Remote Buffer Overflow

Exploits (1)

exploitdb WORKING POC VERIFIED

by greuff · cremotelinux

https://www.exploit-db.com/exploits/4537

View Code ZIP pw:eip

This exploit targets a buffer overflow vulnerability in Subversion servers (1.0.0 and 0.37) to achieve remote code execution. It uses a two-stage payload: the first stage searches for the socket file descriptor and reads the second stage, which spawns a shell.

Classification

Working Poc 95%

Attack Type

Rce

Complexity

Complex

Reliability

Reliable

Target: Subversion 1.0.0 and 0.37

No auth needed

Prerequisites: Network access to vulnerable Subversion server · Subversion server running on a supported protocol (SVN, HTTP)

MITRE ATT&CK

T1190 - Exploit Public-Facing Application T1059 - Command and Scripting Interpreter

devstral-2 · analyzed Feb 16, 2026 Full analysis →

Details

Status pre_cve

Tracked Since Feb 18, 2026