EIP-2026-104447

PRE-CVE

Sophos VPN Web Panel 2020 - Denial of Service (Poc)

Title source: legacy

Exploitation Summary

EIP tracks 1 public exploit for EIP-2026-104447. PoCs published by Berk KIRAS.

AI-analyzed exploit summary This exploit targets a denial-of-service vulnerability in Sophos VPN Web Panel 2020 by sending malformed JSON data with path traversal payloads. The script uses multiple threads to flood the target with requests, causing the service to crash due to improper JSON parsing.

Description

Sophos VPN Web Panel 2020 - Denial of Service (Poc)

Exploits (1)

exploitdb WORKING POC

by Berk KIRAS · pythonwebappsmultiple

https://www.exploit-db.com/exploits/48683

View Code ZIP pw:eip

This exploit targets a denial-of-service vulnerability in Sophos VPN Web Panel 2020 by sending malformed JSON data with path traversal payloads. The script uses multiple threads to flood the target with requests, causing the service to crash due to improper JSON parsing.

Classification

Working Poc 90%

Attack Type

Dos

Complexity

Trivial

Reliability

Reliable

Target: Sophos VPN Web Panel 2020

No auth needed

Prerequisites: Network access to the Sophos VPN Web Panel · Python environment with 'requests' library

MITRE ATT&CK

T1499 - Endpoint Denial of Service

devstral-2 · analyzed Feb 16, 2026 Full analysis →

Details

Status pre_cve

Tracked Since Feb 18, 2026