EIP-2026-104065

PRE-CVE

SAFE TEAM Regulus 2.2 - Staffile Information Disclosure

Title source: legacy
STIX 2.1

Exploitation Summary

EIP tracks 1 public exploit for EIP-2026-104065. PoCs published by masud_libra.

AI-analyzed exploit summary The vulnerability involves an information disclosure flaw in SAFE TEAM Regulus, where an unauthenticated attacker can access the 'stafffile' file containing staff usernames and password hashes. This can be exploited by directly requesting the file via a predictable URL path.

Description

SAFE TEAM Regulus 2.2 - Staffile Information Disclosure

Exploits (1)

exploitdb WRITEUP VERIFIED
by masud_libra · textremotemultiple
https://www.exploit-db.com/exploits/24581

The vulnerability involves an information disclosure flaw in SAFE TEAM Regulus, where an unauthenticated attacker can access the 'stafffile' file containing staff usernames and password hashes. This can be exploited by directly requesting the file via a predictable URL path.

Classification
Writeup 90%
Attack Type
Info Leak
Complexity
Trivial
Reliability
Reliable
Target: SAFE TEAM Regulus
No auth needed
Prerequisites: Network access to the target server · Knowledge of the base directory path
mistral-large-3 · analyzed Feb 18, 2026 Full analysis →

Details

Status pre_cve
Tracked Since Feb 18, 2026