EIP-2026-117947

PRE-CVE

South River Technologies WebDrive 9.02 build 2232 - Local Privilege Escalation

Title source: legacy

Exploitation Summary

EIP tracks 1 public exploit for EIP-2026-117947. PoCs published by bellick.

AI-analyzed exploit summary This exploit leverages an insecure security descriptor on the WebDrive Service to allow local users to replace the service binary path and execute arbitrary commands with SYSTEM privileges. The PoC provides explicit commands to stop, reconfigure, and restart the service to add a new administrator account.

Description

South River Technologies WebDrive 9.02 build 2232 - Local Privilege Escalation

Exploits (1)

exploitdb WORKING POC VERIFIED

by bellick · textlocalwindows

https://www.exploit-db.com/exploits/9970

View Code ZIP pw:eip

This exploit leverages an insecure security descriptor on the WebDrive Service to allow local users to replace the service binary path and execute arbitrary commands with SYSTEM privileges. The PoC provides explicit commands to stop, reconfigure, and restart the service to add a new administrator account.

Classification

Working Poc 100%

Attack Type

Lpe

Complexity

Trivial

Reliability

Reliable

Target: South River Technologies WebDrive 9.02 build 2232

Auth required

Prerequisites: Local access to the target system · WebDrive Service installed with vulnerable security descriptor

MITRE ATT&CK

T1543.003 - Windows Service T1068 - Exploitation for Privilege Escalation

devstral-2 · analyzed Feb 18, 2026 Full analysis →

Details

Status pre_cve

Tracked Since Feb 18, 2026