EIP-2026-118118

PRE-CVE

Windscribe 1.83 - 'WindscribeService' Unquoted Service Path

Title source: legacy

Exploitation Summary

EIP tracks 1 public exploit for EIP-2026-118118. PoCs published by Ethan Seow.

AI-analyzed exploit summary This exploit leverages an unquoted service path vulnerability in WindscribeService to execute arbitrary commands with SYSTEM privileges. The batch script modifies the service's binary path to launch a reverse shell payload.

Description

Windscribe 1.83 - 'WindscribeService' Unquoted Service Path

Exploits (1)

exploitdb WORKING POC

by Ethan Seow · textlocalwindows

https://www.exploit-db.com/exploits/48624

View Code ZIP pw:eip

This exploit leverages an unquoted service path vulnerability in WindscribeService to execute arbitrary commands with SYSTEM privileges. The batch script modifies the service's binary path to launch a reverse shell payload.

Classification

Working Poc 90%

Attack Type

Lpe

Complexity

Trivial

Reliability

Reliable

Target: Windscribe v1.83 Build 20

Auth required

Prerequisites: Local access to the target system · Ability to modify service configurations · Presence of the vulnerable Windscribe version

MITRE ATT&CK

T1543.003 - Windows Service T1059.003 - Windows Command Shell

devstral-2 · analyzed Feb 16, 2026 Full analysis →

Details

Status pre_cve

Tracked Since Feb 18, 2026