EIP-2026-117679

PRE-CVE

NETGATE Data Backup build 3.0.605 - Unquoted Service Path Privilege Escalation

Title source: legacy

Exploitation Summary

EIP tracks 1 public exploit for EIP-2026-117679. PoCs published by Amir.ght.

AI-analyzed exploit summary This is a technical writeup describing an unquoted service path privilege escalation vulnerability in NETGATE Data Backup. The vulnerability allows local attackers to escalate privileges by inserting an executable in the service path, which gets executed upon service restart or system reboot.

Description

NETGATE Data Backup build 3.0.605 - Unquoted Service Path Privilege Escalation

Exploits (1)

exploitdb WRITEUP VERIFIED

by Amir.ght · textlocalwindows

https://www.exploit-db.com/exploits/40541

View Code ZIP pw:eip

This is a technical writeup describing an unquoted service path privilege escalation vulnerability in NETGATE Data Backup. The vulnerability allows local attackers to escalate privileges by inserting an executable in the service path, which gets executed upon service restart or system reboot.

Classification

Writeup 90%

Attack Type

Lpe

Complexity

Trivial

Reliability

Reliable

Target: NETGATE Data Backup build 3.0.605

Auth required

Prerequisites: Local access to the system · Ability to write to the vulnerable service path

MITRE ATT&CK

T1574.009 - Path Interception by Unquoted Path

devstral-2 · analyzed Feb 18, 2026 Full analysis →

Details

Status pre_cve

Tracked Since Feb 18, 2026