EIP-2026-118424

PRE-CVE

Disk Sorter Enterprise 9.1.12 - 'Login' Remote Buffer Overflow

Title source: legacy

Exploitation Summary

EIP tracks 1 public exploit for EIP-2026-118424. PoCs published by Tulpa.

AI-analyzed exploit summary This exploit demonstrates a buffer overflow vulnerability in Disk Sorter Enterprise 9.1.12, leveraging a crafted HTTP POST request to achieve remote code execution (RCE) with NT AUTHORITY\SYSTEM privileges. The payload includes shellcode, an egghunter, and SEH overwrite techniques to bypass protections.

Description

Disk Sorter Enterprise 9.1.12 - 'Login' Remote Buffer Overflow

Exploits (1)

exploitdb WORKING POC VERIFIED

by Tulpa · pythonremotewindows

https://www.exploit-db.com/exploits/40833

View Code ZIP pw:eip

This exploit demonstrates a buffer overflow vulnerability in Disk Sorter Enterprise 9.1.12, leveraging a crafted HTTP POST request to achieve remote code execution (RCE) with NT AUTHORITY\SYSTEM privileges. The payload includes shellcode, an egghunter, and SEH overwrite techniques to bypass protections.

Classification

Working Poc 95%

Attack Type

Rce

Complexity

Moderate

Reliability

Reliable

Target: Disk Sorter Enterprise 9.1.12

No auth needed

Prerequisites: Network access to the target system · Target running Disk Sorter Enterprise 9.1.12

MITRE ATT&CK

T1190 - Exploit Public-Facing Application T1203 - Exploitation for Client Execution

devstral-2 · analyzed Feb 18, 2026 Full analysis →

Details

Status pre_cve

Tracked Since Feb 18, 2026