EIP-2026-118099

PRE-CVE

WEG SuperDrive G2 12.0.0 - Insecure File Permissions

Title source: legacy

Exploitation Summary

EIP tracks 1 public exploit for EIP-2026-118099. PoCs published by LiquidWorm.

AI-analyzed exploit summary The vulnerability involves insecure file permissions in WEG SuperDrive G2 v12.0.0 and SuperDrive v7.0.0, allowing authenticated users to replace executable files due to improper 'Change' permissions for the 'Authenticated Users' group.

Description

WEG SuperDrive G2 12.0.0 - Insecure File Permissions

Exploits (1)

exploitdb WRITEUP

by LiquidWorm · textlocalwindows

https://www.exploit-db.com/exploits/39260

View Code ZIP pw:eip

The vulnerability involves insecure file permissions in WEG SuperDrive G2 v12.0.0 and SuperDrive v7.0.0, allowing authenticated users to replace executable files due to improper 'Change' permissions for the 'Authenticated Users' group.

Classification

Writeup 90%

Attack Type

Lpe

Complexity

Trivial

Reliability

Reliable

Target: WEG SuperDrive G2 v12.0.0, SuperDrive v7.0.0

Auth required

Prerequisites: Authenticated user access to the system

MITRE ATT&CK

T1068 - Exploitation for Privilege Escalation

devstral-2 · analyzed Feb 18, 2026 Full analysis →

Details

Status pre_cve

Tracked Since Feb 18, 2026