EIP-2026-117242

PRE-CVE

GlobalScape - CuteFTP macros '.mcr' Local File Write

Title source: legacy

Exploitation Summary

EIP tracks 1 public exploit for EIP-2026-117242. PoCs published by ATmaCA.

AI-analyzed exploit summary This exploit demonstrates a vulnerability in GlobalSCAPE CuteFTP V6.0 where a crafted macro file (*.mcr) can be used to download an arbitrary file to the target user's startup folder, leading to potential remote code execution upon system reboot.

Description

GlobalScape - CuteFTP macros '.mcr' Local File Write

Exploits (1)

exploitdb WORKING POC VERIFIED

by ATmaCA · textlocalwindows

https://www.exploit-db.com/exploits/560

View Code ZIP pw:eip

This exploit demonstrates a vulnerability in GlobalSCAPE CuteFTP V6.0 where a crafted macro file (*.mcr) can be used to download an arbitrary file to the target user's startup folder, leading to potential remote code execution upon system reboot.

Classification

Working Poc 90%

Attack Type

Rce

Complexity

Trivial

Reliability

Reliable

Target: GlobalSCAPE CuteFTP V6.0

No auth needed

Prerequisites: Ability to deliver a crafted .mcr file to the target · Target user must execute the macro file

MITRE ATT&CK

T1204 - User Execution T1059 - Command and Scripting Interpreter

devstral-2 · analyzed Feb 16, 2026 Full analysis →

Details

Status pre_cve

Tracked Since Feb 18, 2026