EIP-2026-114969

PRE-CVE

Axessh 4.2 - Denial of Service

Title source: legacy

Exploitation Summary

EIP tracks 1 public exploit for EIP-2026-114969. PoCs published by hyp3rlinx.

AI-analyzed exploit summary The exploit demonstrates a remote denial-of-service (DoS) vulnerability in Axessh 4.2.2 by sending an overly long payload (2000 'A' characters) to the SSH server (xwpsshd.exe) on port 22, causing it to crash. The PoC is functional and includes a simple Python script to trigger the vulnerability.

Description

Axessh 4.2 - Denial of Service

Exploits (1)

exploitdb WORKING POC VERIFIED

by hyp3rlinx · textdoswindows

https://www.exploit-db.com/exploits/40699

View Code ZIP pw:eip

The exploit demonstrates a remote denial-of-service (DoS) vulnerability in Axessh 4.2.2 by sending an overly long payload (2000 'A' characters) to the SSH server (xwpsshd.exe) on port 22, causing it to crash. The PoC is functional and includes a simple Python script to trigger the vulnerability.

Classification

Working Poc 95%

Attack Type

Dos

Complexity

Trivial

Reliability

Reliable

Target: Axessh 4.2.2 (xwpsshd.exe)

No auth needed

Prerequisites: Network access to the target SSH server (port 22) · Axessh 4.2.2 running with xwpsshd.exe

MITRE ATT&CK

T1499 - Endpoint Denial of Service

devstral-2 · analyzed Feb 18, 2026 Full analysis →

Details

Status pre_cve

Tracked Since Feb 18, 2026