EIP-2026-116524

PRE-CVE

WarFTP Daemon 1.82 RC 11 - Remote Format String

Title source: legacy

Exploitation Summary

EIP tracks 1 public exploit for EIP-2026-116524. PoCs published by coolkaveh.

AI-analyzed exploit summary This exploit targets a format string vulnerability in War FTP Daemon 1.82 RC 11. It sends malformed USER and PASS commands with format string specifiers to trigger the vulnerability, potentially leading to remote code execution or denial of service.

Description

WarFTP Daemon 1.82 RC 11 - Remote Format String

Exploits (1)

exploitdb WORKING POC VERIFIED

by coolkaveh · perldoswindows

https://www.exploit-db.com/exploits/20957

View Code ZIP pw:eip

This exploit targets a format string vulnerability in War FTP Daemon 1.82 RC 11. It sends malformed USER and PASS commands with format string specifiers to trigger the vulnerability, potentially leading to remote code execution or denial of service.

Classification

Working Poc 90%

Attack Type

Rce

Complexity

Trivial

Reliability

Reliable

Target: War FTP Daemon 1.82 RC 11

No auth needed

Prerequisites: Network access to the target FTP service · War FTP Daemon 1.82 RC 11 running on the target

MITRE ATT&CK

T1068 - Exploitation for Privilege Escalation T1190 - Exploit Public-Facing Application

devstral-2 · analyzed Feb 16, 2026 Full analysis →

Details

Status pre_cve

Tracked Since Feb 18, 2026