EIP-2026-116562

PRE-CVE

WinSCP 5.9.4 - 'LIST' Denial of Service (Metasploit)

Title source: legacy

Exploitation Summary

EIP tracks 1 public exploit for EIP-2026-116562. PoCs published by mohammed Mohammed.

AI-analyzed exploit summary This exploit creates a fake FTP server that triggers a denial-of-service (DoS) condition in WinSCP 5.9.4 by sending malformed responses to the LIST command. The PoC uses the Metasploit framework to fuzz the FTP client, causing it to crash.

Description

WinSCP 5.9.4 - 'LIST' Denial of Service (Metasploit)

Exploits (1)

exploitdb WORKING POC VERIFIED

by mohammed Mohammed · rubydoswindows

https://www.exploit-db.com/exploits/41889

View Code ZIP pw:eip

This exploit creates a fake FTP server that triggers a denial-of-service (DoS) condition in WinSCP 5.9.4 by sending malformed responses to the LIST command. The PoC uses the Metasploit framework to fuzz the FTP client, causing it to crash.

Classification

Working Poc 90%

Attack Type

Dos

Complexity

Moderate

Reliability

Reliable

Target: WinSCP 5.9.4

No auth needed

Prerequisites: Metasploit framework · Network access to target

MITRE ATT&CK

T1499 - Endpoint Denial of Service

devstral-2 · analyzed Feb 16, 2026 Full analysis →

Details

Status pre_cve

Tracked Since Feb 18, 2026