EIP-2026-104715

PRE-CVE

Baldr Botnet Panel - Arbitrary Code Execution (Metasploit)

Title source: legacy

Exploitation Summary

EIP tracks 1 public exploit for EIP-2026-104715. PoCs published by Ege Balci.

AI-analyzed exploit summary This Metasploit module exploits a file upload vulnerability in the Baldr Botnet Panel, allowing arbitrary PHP file upload and remote code execution. It supports multiple versions of the panel and uses XOR encryption for payload obfuscation.

Description

Baldr Botnet Panel - Arbitrary Code Execution (Metasploit)

Exploits (1)

exploitdb WORKING POC

by Ege Balci · rubyremotephp

https://www.exploit-db.com/exploits/47215

View Code ZIP pw:eip

This Metasploit module exploits a file upload vulnerability in the Baldr Botnet Panel, allowing arbitrary PHP file upload and remote code execution. It supports multiple versions of the panel and uses XOR encryption for payload obfuscation.

Classification

Working Poc 95%

Attack Type

Rce

Complexity

Moderate

Reliability

Reliable

Target: Baldr Botnet Panel (v2.0, v2.2, v3.0, v3.1)

No auth needed

Prerequisites: Network access to the target panel · Panel must be vulnerable and accessible

MITRE ATT&CK

T1190 - Exploit Public-Facing Application T1505 - Server Software Component

devstral-2 · analyzed Feb 18, 2026 Full analysis →

Details

Status pre_cve

Tracked Since Feb 18, 2026