EIP-2026-117167

PRE-CVE

FireFly 1.0 - Local Proxy Password Disclosure

Title source: legacy

Exploitation Summary

EIP tracks 1 public exploit for EIP-2026-117167. PoCs published by Kozan.

AI-analyzed exploit summary This exploit reads sensitive proxy credentials from the Windows Registry where FireFly v1.0 stores them insecurely. It queries specific registry keys to extract proxy address, port, username, and password, exposing them to local users.

Description

FireFly 1.0 - Local Proxy Password Disclosure

Exploits (1)

exploitdb WORKING POC VERIFIED

by Kozan · clocalwindows

https://www.exploit-db.com/exploits/919

View Code ZIP pw:eip

This exploit reads sensitive proxy credentials from the Windows Registry where FireFly v1.0 stores them insecurely. It queries specific registry keys to extract proxy address, port, username, and password, exposing them to local users.

Classification

Working Poc 100%

Attack Type

Info Leak

Complexity

Trivial

Reliability

Reliable

Target: FireFly v1.0

No auth needed

Prerequisites: Local access to the target system · FireFly v1.0 installed

MITRE ATT&CK

T1552.002 - Credentials in Registry

devstral-2 · analyzed Feb 16, 2026 Full analysis →

Details

Status pre_cve

Tracked Since Feb 18, 2026