EIP-2026-117095

PRE-CVE

Easy File Sharing Web Server 7.2 - Account Import Local Buffer Overflow (SEH)

Title source: legacy

Exploitation Summary

EIP tracks 1 public exploit for EIP-2026-117095. PoCs published by Chako.

AI-analyzed exploit summary This is a functional local buffer overflow exploit targeting EFS Web Server 7.2 via a crafted user account file import, leveraging SEH overwrite and shellcode execution to spawn calc.exe. The exploit is tested on Windows XP SP3 with DEP disabled.

Description

Easy File Sharing Web Server 7.2 - Account Import Local Buffer Overflow (SEH)

Exploits (1)

exploitdb WORKING POC

by Chako · pythonlocalwindows

https://www.exploit-db.com/exploits/42267

View Code ZIP pw:eip

This is a functional local buffer overflow exploit targeting EFS Web Server 7.2 via a crafted user account file import, leveraging SEH overwrite and shellcode execution to spawn calc.exe. The exploit is tested on Windows XP SP3 with DEP disabled.

Classification

Working Poc 95%

Attack Type

Rce

Complexity

Moderate

Reliability

Reliable

Target: EFS Web Server 7.2

No auth needed

Prerequisites: Windows XP SP3 with DEP disabled · EFS Web Server 7.2 installed · Ability to import a malicious user account file

MITRE ATT&CK

T1203 - Exploitation for Client Execution T1059 - Command and Scripting Interpreter

devstral-2 · analyzed Feb 18, 2026 Full analysis →

Details

Status pre_cve

Tracked Since Feb 18, 2026