EIP-2026-104418

PRE-CVE

SAP BusinessObjects launch pad - Server-Side Request Forgery

Title source: legacy

Exploitation Summary

EIP tracks 1 public exploit for EIP-2026-104418. PoCs published by Ahmad Mahfouz.

AI-analyzed exploit summary This exploit leverages a design error in SAP BusinessObjects launch pad to perform an SSRF timing attack for port scanning. It sends a crafted request to the target URL with a specified IP and port to determine if the port is open based on response time.

Description

SAP BusinessObjects launch pad - Server-Side Request Forgery

Exploits (1)

exploitdb WORKING POC

by Ahmad Mahfouz · pythonwebappsmultiple

https://www.exploit-db.com/exploits/43404

View Code ZIP pw:eip

This exploit leverages a design error in SAP BusinessObjects launch pad to perform an SSRF timing attack for port scanning. It sends a crafted request to the target URL with a specified IP and port to determine if the port is open based on response time.

Classification

Working Poc 90%

Attack Type

Ssrf

Complexity

Moderate

Reliability

Reliable

Target: SAP BusinessObjects launch pad

No auth needed

Prerequisites: Access to the SAP BusinessObjects launch pad URL · Network connectivity to the target IP and port

MITRE ATT&CK

T1189 - Drive-by Compromise T1083 - File and Directory Discovery

devstral-2 · analyzed Feb 16, 2026 Full analysis →

Details

Status pre_cve

Tracked Since Feb 18, 2026