EIP-2026-118295
PRE-CVEAvira AntiVir Personal - Multiple Code Execution Vulnerabilities (2)
Title source: legacyExploitation Summary
EIP tracks 1 public exploit for EIP-2026-118295. PoCs published by D.Elser.
AI-analyzed exploit summary This exploit targets a local heap overflow vulnerability in Avira AntiVir Personal Edition 7.00.00.52. It sends two TCP packets to the avguard.exe service on port 18350, triggering a buffer overflow to execute arbitrary shellcode with SYSTEM privileges.
Description
Avira AntiVir Personal - Multiple Code Execution Vulnerabilities (2)
Exploits (1)
exploitdb
WORKING POC
VERIFIED
by D.Elser · pythonremotewindows
https://www.exploit-db.com/exploits/35226
This exploit targets a local heap overflow vulnerability in Avira AntiVir Personal Edition 7.00.00.52. It sends two TCP packets to the avguard.exe service on port 18350, triggering a buffer overflow to execute arbitrary shellcode with SYSTEM privileges.
Classification
Working Poc 95%
Attack Type
Lpe
Complexity
Moderate
Reliability
Reliable
Target:
Avira AntiVir Personal Edition 7.00.00.52
No auth needed
Prerequisites:
Local access to the target system · Avira AntiVir Personal Edition 7.00.00.52 installed · avguard.exe service running on port 18350
MITRE ATT&CK
devstral-2 · analyzed Feb 16, 2026
Full analysis →
Details
Status
pre_cve
Tracked Since
Feb 18, 2026