EIP-2026-117202

PRE-CVE

freeFTPd v1.0.13 - 'freeFTPdService' Unquoted Service Path

Title source: legacy

Exploitation Summary

EIP tracks 1 public exploit for EIP-2026-117202. PoCs published by boku.

AI-analyzed exploit summary This is a writeup demonstrating an unquoted service path vulnerability in freeFTPd v1.0.13. The exploit leverages the lack of quotes around the service path to potentially execute arbitrary code if an attacker can place a malicious executable in the path.

Description

freeFTPd v1.0.13 - 'freeFTPdService' Unquoted Service Path

Exploits (1)

exploitdb WRITEUP

by boku · textlocalwindows

https://www.exploit-db.com/exploits/48043

View Code ZIP pw:eip

This is a writeup demonstrating an unquoted service path vulnerability in freeFTPd v1.0.13. The exploit leverages the lack of quotes around the service path to potentially execute arbitrary code if an attacker can place a malicious executable in the path.

Classification

Writeup 90%

Attack Type

Lpe

Complexity

Trivial

Reliability

Reliable

Target: freeFTPd v1.0.13

Auth required

Prerequisites: Local access to the system · Ability to write to the root of the system drive or another directory in the path

MITRE ATT&CK

T1546.008 - Accessibility Features

devstral-2 · analyzed Feb 16, 2026 Full analysis →

Details

Status pre_cve

Tracked Since Feb 18, 2026