EIP-2026-104119

PRE-CVE

VMware 2 Web Server - Directory Traversal

Title source: legacy

Exploitation Summary

EIP tracks 1 public exploit for EIP-2026-104119. PoCs published by clshack.

AI-analyzed exploit summary This exploit demonstrates a directory traversal vulnerability in VMware Web Server 2.0.2, allowing unauthorized access to sensitive files like boot.ini via crafted HTTP requests. The PoC provides clear examples of traversal sequences to exploit the flaw.

Description

VMware 2 Web Server - Directory Traversal

Exploits (1)

exploitdb WORKING POC VERIFIED

by clshack · textremotemultiple

https://www.exploit-db.com/exploits/15617

View Code ZIP pw:eip

This exploit demonstrates a directory traversal vulnerability in VMware Web Server 2.0.2, allowing unauthorized access to sensitive files like boot.ini via crafted HTTP requests. The PoC provides clear examples of traversal sequences to exploit the flaw.

Classification

Working Poc 90%

Attack Type

Info Leak

Complexity

Trivial

Reliability

Reliable

Target: VMware Web Server 2.0.2

No auth needed

Prerequisites: Network access to the VMware Web Server on port 8307

MITRE ATT&CK

T1006 - Direct Volume Access

devstral-2 · analyzed Feb 18, 2026 Full analysis →

Details

Status pre_cve

Tracked Since Feb 18, 2026