EIP-2026-111659

PRE-CVE

Ra1NX PHP Bot - pubcall Authentication Bypass Remote Code Execution (Metasploit)

Title source: legacy

Exploitation Summary

EIP tracks 1 public exploit for EIP-2026-111659. PoCs published by bwall.

AI-analyzed exploit summary This Metasploit module exploits an authentication bypass in the Ra1NX PHP IRC bot via the public call feature in private messages, allowing remote command execution. It leverages the IRC protocol to send malicious commands to the bot.

Description

Ra1NX PHP Bot - pubcall Authentication Bypass Remote Code Execution (Metasploit)

Exploits (1)

exploitdb WORKING POC

by bwall · rubywebappsphp

https://www.exploit-db.com/exploits/24883

View Code ZIP pw:eip

This Metasploit module exploits an authentication bypass in the Ra1NX PHP IRC bot via the public call feature in private messages, allowing remote command execution. It leverages the IRC protocol to send malicious commands to the bot.

Classification

Working Poc 95%

Attack Type

Rce

Complexity

Moderate

Reliability

Reliable

Target: Ra1NX PHP Bot v2.0

No auth needed

Prerequisites: Network access to the IRC server · Knowledge of the target bot's nickname

MITRE ATT&CK

T1068 - Exploitation for Privilege Escalation T1059 - Command and Scripting Interpreter

devstral-2 · analyzed Feb 16, 2026 Full analysis →

Details

Status pre_cve

Tracked Since Feb 18, 2026