EIP-2026-115505
PRE-CVEKaspersky AntiVirus - Certificate Handling Directory Traversal
Title source: legacyExploitation Summary
EIP tracks 1 public exploit for EIP-2026-115505. PoCs published by Google Security Research.
AI-analyzed exploit summary This writeup details a path traversal vulnerability in Kaspersky's HTTPS inspection feature, where crafted certificate Common Names (CN) can write arbitrary files to the filesystem. The author demonstrates generating a malicious certificate and using it to create a file in a sensitive location, potentially leading to code execution.
Description
Kaspersky AntiVirus - Certificate Handling Directory Traversal
Exploits (1)
This writeup details a path traversal vulnerability in Kaspersky's HTTPS inspection feature, where crafted certificate Common Names (CN) can write arbitrary files to the filesystem. The author demonstrates generating a malicious certificate and using it to create a file in a sensitive location, potentially leading to code execution.