EIP-2026-117217

PRE-CVE

FTPShell Client 5.24 - Local Buffer Overflow

Title source: legacy

Exploitation Summary

EIP tracks 1 public exploit for EIP-2026-117217. PoCs published by hyp3rlinx.

AI-analyzed exploit summary This exploit demonstrates a buffer overflow in FTPShell Client v5.24 by overwriting the EIP register and redirecting execution to shellcode in the ECX register, achieving local arbitrary code execution (e.g., launching calc.exe). The payload is crafted to bypass basic protections and directly control program flow.

Description

FTPShell Client 5.24 - Local Buffer Overflow

Exploits (1)

exploitdb WORKING POC

by hyp3rlinx · pythonlocalwindows

https://www.exploit-db.com/exploits/39132

View Code ZIP pw:eip

This exploit demonstrates a buffer overflow in FTPShell Client v5.24 by overwriting the EIP register and redirecting execution to shellcode in the ECX register, achieving local arbitrary code execution (e.g., launching calc.exe). The payload is crafted to bypass basic protections and directly control program flow.

Classification

Working Poc 95%

Attack Type

Rce

Complexity

Moderate

Reliability

Reliable

Target: FTPShell Client v5.24

No auth needed

Prerequisites: Local access to the FTPShell Client application · Ability to inject payload into the 'Address' field

MITRE ATT&CK

T1203 - Exploitation for Client Execution T1059 - Command and Scripting Interpreter

devstral-2 · analyzed Feb 18, 2026 Full analysis →

Details

Status pre_cve

Tracked Since Feb 18, 2026