EIP-2026-115458

PRE-CVE

Ipswitch WS_FTP LE 12.3 - Search field Overwrite (SEH) (PoC)

Title source: legacy

Exploitation Summary

EIP tracks 1 public exploit for EIP-2026-115458. PoCs published by Zahid Adeel.

AI-analyzed exploit summary This PoC demonstrates an SEH (Structured Exception Handler) overwrite vulnerability in Ipswitch WS_FTP LE 12.3 by crafting a malicious input for the 'Local Search' field. The exploit uses a buffer overflow with a controlled SEH chain to potentially achieve arbitrary code execution.

Description

Ipswitch WS_FTP LE 12.3 - Search field Overwrite (SEH) (PoC)

Exploits (1)

exploitdb WORKING POC

by Zahid Adeel · pythondoswindows

https://www.exploit-db.com/exploits/39796

View Code ZIP pw:eip

This PoC demonstrates an SEH (Structured Exception Handler) overwrite vulnerability in Ipswitch WS_FTP LE 12.3 by crafting a malicious input for the 'Local Search' field. The exploit uses a buffer overflow with a controlled SEH chain to potentially achieve arbitrary code execution.

Classification

Working Poc 90%

Attack Type

Rce

Complexity

Moderate

Reliability

Reliable

Target: Ipswitch WS_FTP LE 12.3

No auth needed

Prerequisites: WS_FTP LE 12.3 installed on target system · User interaction to paste malicious input into the search field

MITRE ATT&CK

T1210 - Exploitation of Remote Services T1068 - Exploitation for Privilege Escalation

devstral-2 · analyzed Feb 18, 2026 Full analysis →

Details

Status pre_cve

Tracked Since Feb 18, 2026