EIP-2026-114560

PRE-CVE

Zabbix 1.6.2 Frontend - Multiple Vulnerabilities

Title source: legacy
STIX 2.1

Exploitation Summary

EIP tracks 1 public exploit for EIP-2026-114560. PoCs published by USH.

AI-analyzed exploit summary This is a detailed technical writeup describing multiple vulnerabilities in Zabbix 1.6.2, including Remote Code Execution (RCE), Cross-Site Request Forgery (CSRF), and Local File Inclusion (LFI). The analysis includes root cause details, affected functions, and exploitation techniques.

Description

Zabbix 1.6.2 Frontend - Multiple Vulnerabilities

Exploits (1)

exploitdb WRITEUP VERIFIED
by USH · textwebappsphp
https://www.exploit-db.com/exploits/8140

This is a detailed technical writeup describing multiple vulnerabilities in Zabbix 1.6.2, including Remote Code Execution (RCE), Cross-Site Request Forgery (CSRF), and Local File Inclusion (LFI). The analysis includes root cause details, affected functions, and exploitation techniques.

Classification
Writeup 100%
Attack Type
Rce | Xss | Info Leak
Complexity
Moderate
Reliability
Reliable
Target: Zabbix 1.6.2
No auth needed
Prerequisites: Magic Quotes must be off for RCE and LFI
devstral-2 · analyzed Feb 18, 2026 Full analysis →

Details

Status pre_cve
Tracked Since Feb 18, 2026