EIP-2026-104598

PRE-CVE

GNS3 Mac OS-X 1.5.2 - 'ubridge' Local Privilege Escalation

Title source: legacy

Exploitation Summary

EIP tracks 1 public exploit for EIP-2026-104598. PoCs published by Hacker Fantastic.

AI-analyzed exploit summary This exploit abuses a setuid root binary (ubridge) in GNS-3 on macOS to overwrite the root crontab, leading to local privilege escalation. It creates a malicious cron entry that copies and sets the setuid bit on a shell binary, granting root access.

Description

GNS3 Mac OS-X 1.5.2 - 'ubridge' Local Privilege Escalation

Exploits (1)

exploitdb WORKING POC

by Hacker Fantastic · bashlocalosx

https://www.exploit-db.com/exploits/41873

View Code ZIP pw:eip

This exploit abuses a setuid root binary (ubridge) in GNS-3 on macOS to overwrite the root crontab, leading to local privilege escalation. It creates a malicious cron entry that copies and sets the setuid bit on a shell binary, granting root access.

Classification

Working Poc 100%

Attack Type

Lpe

Complexity

Moderate

Reliability

Reliable

Target: GNS-3 version 1.5.2

No auth needed

Prerequisites: GNS-3 installed on macOS · Root user must have a crontab (even empty) or system rebooted after first attempt

MITRE ATT&CK

T1068 - Exploitation for Privilege Escalation T1053.003 - Cron

devstral-2 · analyzed Feb 18, 2026 Full analysis →

Details

Status pre_cve

Tracked Since Feb 18, 2026