EIP-2026-104600

PRE-CVE

MacOSXLabs RsyncX 2.1 - Insecure Temporary File Creation

Title source: legacy
STIX 2.1

Exploitation Summary

EIP tracks 1 public exploit for EIP-2026-104600. PoCs published by Matt Johnston.

AI-analyzed exploit summary The exploit describes a symbolic link attack vulnerability in RsyncX's scheduler component due to insecure temporary file creation in /tmp/cron_rsyncxtmp. A local attacker can manipulate this to overwrite critical files like /etc/crontab by creating a symlink.

Description

MacOSXLabs RsyncX 2.1 - Insecure Temporary File Creation

Exploits (1)

exploitdb WRITEUP VERIFIED
by Matt Johnston · textlocalosx
https://www.exploit-db.com/exploits/24609

The exploit describes a symbolic link attack vulnerability in RsyncX's scheduler component due to insecure temporary file creation in /tmp/cron_rsyncxtmp. A local attacker can manipulate this to overwrite critical files like /etc/crontab by creating a symlink.

Classification
Writeup 90%
Attack Type
Other
Complexity
Trivial
Reliability
Reliable
Target: RsyncX (version not specified)
No auth needed
Prerequisites: Local access to the system · RsyncX scheduler component in use
devstral-2 · analyzed Feb 18, 2026 Full analysis →

Details

Status pre_cve
Tracked Since Feb 18, 2026