EIP-2026-103247

PRE-CVE

WSMP3 0.0.1/0.0.2 - Remote Heap Corruption (1)

Title source: legacy

Exploitation Summary

EIP tracks 1 public exploit for EIP-2026-103247. PoCs published by Damian Myerscough.

AI-analyzed exploit summary This exploit targets a heap corruption vulnerability in WSMP3 web server versions 0.0.6 and below. It leverages insufficient bounds checking to corrupt heap memory and redirect program flow, achieving remote code execution with root privileges.

Description

WSMP3 0.0.1/0.0.2 - Remote Heap Corruption (1)

Exploits (1)

exploitdb WORKING POC VERIFIED

by Damian Myerscough · perlremotelinux

https://www.exploit-db.com/exploits/22034

View Code ZIP pw:eip

This exploit targets a heap corruption vulnerability in WSMP3 web server versions 0.0.6 and below. It leverages insufficient bounds checking to corrupt heap memory and redirect program flow, achieving remote code execution with root privileges.

Classification

Working Poc 90%

Attack Type

Rce

Complexity

Moderate

Reliability

Reliable

Target: WSMP3 web_server <= 0.0.6

No auth needed

Prerequisites: Network access to the target server · WSMP3 web server running on port 8000

MITRE ATT&CK

T1068 - Exploitation for Privilege Escalation T1190 - Exploit Public-Facing Application

devstral-2 · analyzed Feb 16, 2026 Full analysis →

Details

Status pre_cve

Tracked Since Feb 18, 2026