EIP-2026-104601
PRE-CVEMacOSXLabs RsyncX 2.1 - Local Privilege Escalation
Title source: legacyExploitation Summary
EIP tracks 1 public exploit for EIP-2026-104601. PoCs published by Matt Johnston.
AI-analyzed exploit summary This exploit leverages a local privilege escalation vulnerability in RsyncX, which fails to drop setgid wheel privileges before executing a third-party binary. By manipulating the PATH environment variable and creating a malicious 'defaults' script, an attacker can execute arbitrary code with group wheel privileges.
Description
MacOSXLabs RsyncX 2.1 - Local Privilege Escalation
Exploits (1)
This exploit leverages a local privilege escalation vulnerability in RsyncX, which fails to drop setgid wheel privileges before executing a third-party binary. By manipulating the PATH environment variable and creating a malicious 'defaults' script, an attacker can execute arbitrary code with group wheel privileges.