EIP-2026-104372

PRE-CVE

Openlitespeed Web Server 1.7.8 - Command Injection (Authenticated) (1)

Title source: legacy

Exploitation Summary

EIP tracks 1 public exploit for EIP-2026-104372. PoCs published by SunCSR.

AI-analyzed exploit summary This exploit demonstrates an authenticated command injection vulnerability in Openlitespeed WebServer 1.7.8. It leverages improper input validation in the 'Command' field of the External App configuration to execute arbitrary commands, resulting in a reverse shell.

Description

Openlitespeed Web Server 1.7.8 - Command Injection (Authenticated) (1)

Exploits (1)

exploitdb WORKING POC VERIFIED

by SunCSR · textwebappsmultiple

https://www.exploit-db.com/exploits/49483

View Code ZIP pw:eip

This exploit demonstrates an authenticated command injection vulnerability in Openlitespeed WebServer 1.7.8. It leverages improper input validation in the 'Command' field of the External App configuration to execute arbitrary commands, resulting in a reverse shell.

Classification

Working Poc 95%

Attack Type

Rce

Complexity

Moderate

Reliability

Reliable

Target: Openlitespeed WebServer 1.7.8

Auth required

Prerequisites: Authenticated access to the Openlitespeed dashboard · Administrator privileges · Network connectivity to the target

MITRE ATT&CK

T1190 - Exploit Public-Facing Application T1059 - Command and Scripting Interpreter

devstral-2 · analyzed Feb 16, 2026 Full analysis →

Details

Status pre_cve

Tracked Since Feb 18, 2026