EIP-2026-106518

PRE-CVE

Dolibarr ERP-CRM 12.0.3 - Remote Code Execution (Authenticated)

Title source: legacy
STIX 2.1

Exploitation Summary

EIP tracks 1 public exploit for EIP-2026-106518. PoCs published by Yilmaz Degirmenci.

AI-analyzed exploit summary This exploit demonstrates an authenticated remote code execution (RCE) vulnerability in Dolibarr ERP-CRM 12.0.3 by injecting a malicious payload into the 'zipfilename_template' parameter during a backup generation request, leveraging command injection via the '--use-compress-program' option in tar.

Description

Dolibarr ERP-CRM 12.0.3 - Remote Code Execution (Authenticated)

Exploits (1)

exploitdb WORKING POC
by Yilmaz Degirmenci · pythonwebappsphp
https://www.exploit-db.com/exploits/49269

This exploit demonstrates an authenticated remote code execution (RCE) vulnerability in Dolibarr ERP-CRM 12.0.3 by injecting a malicious payload into the 'zipfilename_template' parameter during a backup generation request, leveraging command injection via the '--use-compress-program' option in tar.

Classification
Working Poc 95%
Attack Type
Rce
Complexity
Moderate
Reliability
Reliable
Target: Dolibarr ERP-CRM 12.0.3
Auth required
Prerequisites: Valid admin credentials for Dolibarr ERP-CRM · Access to the admin dashboard
devstral-2 · analyzed Feb 18, 2026 Full analysis →

Details

Status pre_cve
Tracked Since Feb 18, 2026