EIP-2026-114754

PRE-CVE

IBM U2 UniVerse 10.0.0.9 - UVADMSH Buffer Overflow

Title source: legacy

Exploitation Summary

EIP tracks 1 public exploit for EIP-2026-114754. PoCs published by kf.

AI-analyzed exploit summary The vulnerability in UniVerse's uvadmsh binary involves a buffer overflow due to lack of bounds checking when parsing command-line arguments. The provided GDB output demonstrates a segmentation fault caused by overwriting the return address with 'Z' characters (0x5a5a5a5a), indicating a classic stack-based overflow.

Description

IBM U2 UniVerse 10.0.0.9 - UVADMSH Buffer Overflow

Exploits (1)

exploitdb WRITEUP VERIFIED

by kf · textdosunix

https://www.exploit-db.com/exploits/22920

View Code ZIP pw:eip

The vulnerability in UniVerse's uvadmsh binary involves a buffer overflow due to lack of bounds checking when parsing command-line arguments. The provided GDB output demonstrates a segmentation fault caused by overwriting the return address with 'Z' characters (0x5a5a5a5a), indicating a classic stack-based overflow.

Classification

Writeup 90%

Attack Type

Rce

Complexity

Moderate

Reliability

Reliable

Target: UniVerse version 10.0.0.9 (and likely prior versions)

Auth required

Prerequisites: Access to the 'uvadm' user account · Ability to execute the uvadmsh binary with crafted arguments

MITRE ATT&CK

T1203 - Exploitation for Client Execution

devstral-2 · analyzed Feb 18, 2026 Full analysis →

Details

Status pre_cve

Tracked Since Feb 18, 2026