EIP-2026-103237

PRE-CVE

VHCS 2.4.7.1 - 'vhcs2_daemon' Remote Code Execution

Title source: legacy

Exploitation Summary

EIP tracks 1 public exploit for EIP-2026-103237. PoCs published by DarkFig.

AI-analyzed exploit summary This PHP script is a remote root exploit for VHCS <= 2.4.7.1, leveraging authentication bypass and SQL injection to gain root access. It includes a custom PhpSploit class for HTTP interactions and demonstrates a multi-step attack chain.

Description

VHCS 2.4.7.1 - 'vhcs2_daemon' Remote Code Execution

Exploits (1)

exploitdb WORKING POC VERIFIED

by DarkFig · phpremotelinux

https://www.exploit-db.com/exploits/5224

View Code ZIP pw:eip

This PHP script is a remote root exploit for VHCS <= 2.4.7.1, leveraging authentication bypass and SQL injection to gain root access. It includes a custom PhpSploit class for HTTP interactions and demonstrates a multi-step attack chain.

Classification

Working Poc 95%

Attack Type

Rce

Complexity

Complex

Reliability

Reliable

Target: VHCS 2.4.7.1 and earlier

Auth required

Prerequisites: Administrator access to VHCS panel · Reseller and client accounts configured

MITRE ATT&CK

T1190 - Exploit Public-Facing Application T1068 - Exploitation for Privilege Escalation

devstral-2 · analyzed Feb 18, 2026 Full analysis →

Details

Status pre_cve

Tracked Since Feb 18, 2026