EIP-2026-117115

PRE-CVE

EasyPHP Devserver 16.1.1 - Insecure File Permissions Privilege Escalation

Title source: legacy

Exploitation Summary

EIP tracks 1 public exploit for EIP-2026-117115. PoCs published by Ashiyane Digital Security Team.

AI-analyzed exploit summary The exploit describes an insecure file permission vulnerability in EasyPHP Devserver 16.1, where the executable file has weak permissions allowing any user to replace it, leading to privilege escalation when executed by another user.

Description

EasyPHP Devserver 16.1.1 - Insecure File Permissions Privilege Escalation

Exploits (1)

exploitdb WRITEUP VERIFIED

by Ashiyane Digital Security Team · textlocalwindows

https://www.exploit-db.com/exploits/40902

View Code ZIP pw:eip

The exploit describes an insecure file permission vulnerability in EasyPHP Devserver 16.1, where the executable file has weak permissions allowing any user to replace it, leading to privilege escalation when executed by another user.

Classification

Writeup 90%

Attack Type

Lpe

Complexity

Trivial

Reliability

Reliable

Target: EasyPHP Devserver 16.1

No auth needed

Prerequisites: Access to the system where EasyPHP Devserver 16.1 is installed · Ability to replace the executable file

MITRE ATT&CK

T1068 - Exploitation for Privilege Escalation

devstral-2 · analyzed Feb 18, 2026 Full analysis →

Details

Status pre_cve

Tracked Since Feb 18, 2026