EIP-2026-103815

PRE-CVE

SmartFoxServer 2X 2.17.0 - God Mode Console Remote Code Execution

Title source: legacy

Exploitation Summary

EIP tracks 1 public exploit for EIP-2026-103815. PoCs published by LiquidWorm.

AI-analyzed exploit summary This exploit demonstrates an authenticated remote code execution vulnerability in SmartFoxServer 2X 2.17.0 by enabling and unlocking an undocumented console module. The PoC shows how to execute arbitrary Python code, including system commands, via the console interface.

Description

SmartFoxServer 2X 2.17.0 - God Mode Console Remote Code Execution

Exploits (1)

exploitdb WORKING POC VERIFIED

by LiquidWorm · textlocalmultiple

https://www.exploit-db.com/exploits/49526

View Code ZIP pw:eip

This exploit demonstrates an authenticated remote code execution vulnerability in SmartFoxServer 2X 2.17.0 by enabling and unlocking an undocumented console module. The PoC shows how to execute arbitrary Python code, including system commands, via the console interface.

Classification

Working Poc 95%

Attack Type

Rce

Complexity

Moderate

Reliability

Reliable

Target: SmartFoxServer 2X 2.17.0

Auth required

Prerequisites: Authenticated access to the admin interface · Ability to modify configuration files

MITRE ATT&CK

T1059 - Command and Scripting Interpreter T1059.006 - Python

devstral-2 · analyzed Feb 18, 2026 Full analysis →

Details

Status pre_cve

Tracked Since Feb 18, 2026