EIP-2026-117431

PRE-CVE

Macro Expert 4.9 - Unquoted Service Path

Title source: legacy

Exploitation Summary

EIP tracks 1 public exploit for EIP-2026-117431. PoCs published by Murat DEMİRCİ.

AI-analyzed exploit summary This is a technical writeup describing an unquoted service path vulnerability in Macro Expert 4.9. The author demonstrates how the service path lacks quotes, potentially allowing privilege escalation if an executable is placed in a crafted path.

Description

Macro Expert 4.9 - Unquoted Service Path

Exploits (1)

exploitdb WRITEUP

by Murat DEMİRCİ · textlocalwindows

https://www.exploit-db.com/exploits/51506

View Code ZIP pw:eip

This is a technical writeup describing an unquoted service path vulnerability in Macro Expert 4.9. The author demonstrates how the service path lacks quotes, potentially allowing privilege escalation if an executable is placed in a crafted path.

Classification

Writeup 90%

Attack Type

Lpe

Complexity

Trivial

Reliability

Reliable

Target: Macro Expert 4.9

Auth required

Prerequisites: Local access to the system · Ability to write to the vulnerable path

MITRE ATT&CK

T1574.009 - Path Interception by Unquoted Path

devstral-2 · analyzed Feb 19, 2026 Full analysis →

Details

Status pre_cve

Tracked Since Feb 18, 2026