EIP-2026-103286
PRE-CVEISPConfig 3.0.54p1 - (Authenticated) Admin Privilege Escalation
Title source: legacyExploitation Summary
EIP tracks 1 public exploit for EIP-2026-103286. PoCs published by mra.
AI-analyzed exploit summary This exploit leverages an authenticated admin user in ISPConfig 3 to modify a language file and inject arbitrary commands executed as root via a cron job. The attack involves adding a shell user with a specific GID and editing a configuration file to include malicious PHP code.
Description
ISPConfig 3.0.54p1 - (Authenticated) Admin Privilege Escalation
Exploits (1)
This exploit leverages an authenticated admin user in ISPConfig 3 to modify a language file and inject arbitrary commands executed as root via a cron job. The attack involves adding a shell user with a specific GID and editing a configuration file to include malicious PHP code.