EIP-2026-115456

PRE-CVE

Ipswitch WS_FTP 2007 Professional - 'WSFTPURL.exe' Local Memory Corruption

Title source: legacy

Exploitation Summary

EIP tracks 1 public exploit for EIP-2026-115456. PoCs published by LMH.

AI-analyzed exploit summary This exploit targets a local memory corruption vulnerability in Ipswitch WS_FTP 2007 Professional by manipulating the 'wsbho2k0.dll' library through crafted arguments. It leverages AppleTalk socket operations to trigger the vulnerability, potentially leading to arbitrary code execution in kernel context.

Description

Ipswitch WS_FTP 2007 Professional - 'WSFTPURL.exe' Local Memory Corruption

Exploits (1)

exploitdb WORKING POC VERIFIED

by LMH · cdoswindows

https://www.exploit-db.com/exploits/29463

View Code ZIP pw:eip

This exploit targets a local memory corruption vulnerability in Ipswitch WS_FTP 2007 Professional by manipulating the 'wsbho2k0.dll' library through crafted arguments. It leverages AppleTalk socket operations to trigger the vulnerability, potentially leading to arbitrary code execution in kernel context.

Classification

Working Poc 90%

Attack Type

Lpe

Complexity

Moderate

Reliability

Theoretical

Target: Ipswitch WS_FTP 2007 Professional

No auth needed

Prerequisites: AppleTalk stack enabled on the target system

MITRE ATT&CK

T1068 - Exploitation for Privilege Escalation

devstral-2 · analyzed Feb 18, 2026 Full analysis →

Details

Status pre_cve

Tracked Since Feb 18, 2026