EIP-2026-103585

PRE-CVE

Multiple HTTP Server - Low Bandwidth Denial of Service (2)

Title source: legacy

Exploitation Summary

EIP tracks 1 public exploit for EIP-2026-103585. PoCs published by evilrabbi.

AI-analyzed exploit summary This PHP script exploits a DoS vulnerability by sending malformed HTTP requests with random headers and content lengths, causing the target web server to hang. It forks multiple processes to amplify the attack.

Description

Multiple HTTP Server - Low Bandwidth Denial of Service (2)

Exploits (1)

exploitdb WORKING POC VERIFIED

by evilrabbi · phpdosmultiple

https://www.exploit-db.com/exploits/8991

View Code ZIP pw:eip

This PHP script exploits a DoS vulnerability by sending malformed HTTP requests with random headers and content lengths, causing the target web server to hang. It forks multiple processes to amplify the attack.

Classification

Working Poc 95%

Attack Type

Dos

Complexity

Trivial

Reliability

Reliable

Target: Apache HTTP Server (version not specified)

No auth needed

Prerequisites: Network access to the target web server

MITRE ATT&CK

T1499 - Endpoint Denial of Service

devstral-2 · analyzed Feb 18, 2026 Full analysis →

Details

Status pre_cve

Tracked Since Feb 18, 2026