EIP-2026-117419

PRE-CVE

LiteManager 4.5.0 - 'romservice' Unquoted Serive Path

Title source: legacy

Exploitation Summary

EIP tracks 1 public exploit for EIP-2026-117419. PoCs published by cakes.

AI-analyzed exploit summary This is a technical writeup demonstrating an unquoted service path vulnerability in LiteManager 4.5.0. The exploit leverages the lack of quotes around the executable path in the 'romservice' service, allowing potential privilege escalation via path manipulation.

Description

LiteManager 4.5.0 - 'romservice' Unquoted Serive Path

Exploits (1)

exploitdb WRITEUP

by cakes · textlocalwindows

https://www.exploit-db.com/exploits/47508

View Code ZIP pw:eip

This is a technical writeup demonstrating an unquoted service path vulnerability in LiteManager 4.5.0. The exploit leverages the lack of quotes around the executable path in the 'romservice' service, allowing potential privilege escalation via path manipulation.

Classification

Writeup 90%

Attack Type

Lpe

Complexity

Trivial

Reliability

Reliable

Target: LiteManager 4.5.0

Auth required

Prerequisites: Local access to the system · Ability to create executable files in the path

MITRE ATT&CK

T1574.009 - Path Interception by Unquoted Path

devstral-2 · analyzed Feb 19, 2026 Full analysis →

Details

Status pre_cve

Tracked Since Feb 18, 2026