EIP-2026-103981

PRE-CVE

McAfee Web Gateway 7.1.5.x - 'Host' HTTP Header Security Bypass

Title source: legacy

Exploitation Summary

EIP tracks 1 public exploit for EIP-2026-103981. PoCs published by Gabriel Menezes Nunes.

AI-analyzed exploit summary This Python script exploits a security-bypass vulnerability in McAfee Web Gateway by manipulating HTTP headers to bypass filtering rules. It intercepts and modifies HTTP requests to replace the Host field with an allowed domain while connecting to the actual target IP.

Description

McAfee Web Gateway 7.1.5.x - 'Host' HTTP Header Security Bypass

Exploits (1)

exploitdb WORKING POC VERIFIED

by Gabriel Menezes Nunes · pythonremotemultiple

https://www.exploit-db.com/exploits/37081

View Code ZIP pw:eip

This Python script exploits a security-bypass vulnerability in McAfee Web Gateway by manipulating HTTP headers to bypass filtering rules. It intercepts and modifies HTTP requests to replace the Host field with an allowed domain while connecting to the actual target IP.

Classification

Working Poc 95%

Attack Type

Auth Bypass

Complexity

Moderate

Reliability

Reliable

Target: McAfee Web Gateway 7

No auth needed

Prerequisites: Access to a vulnerable McAfee Web Gateway proxy · Network connectivity to the target proxy

MITRE ATT&CK

T1083 - File and Directory Discovery T1189 - Drive-by Compromise

devstral-2 · analyzed Feb 18, 2026 Full analysis →

Details

Status pre_cve

Tracked Since Feb 18, 2026