EIP-2026-118509

PRE-CVE

eIQnetworks ESA - Syslog Server Remote Buffer Overflow

Title source: legacy

Exploitation Summary

EIP tracks 1 public exploit for EIP-2026-118509. PoCs published by Kevin Finisterre.

AI-analyzed exploit summary This exploit targets a buffer overflow vulnerability in eiQnetworks Syslog Server by overwriting the SEH chain. It uses a two-stage shellcode approach to achieve remote code execution on Windows XP SP1.

Description

eIQnetworks ESA - Syslog Server Remote Buffer Overflow

Exploits (1)

exploitdb WORKING POC VERIFIED

by Kevin Finisterre · perlremotewindows

https://www.exploit-db.com/exploits/2079

View Code ZIP pw:eip

This exploit targets a buffer overflow vulnerability in eiQnetworks Syslog Server by overwriting the SEH chain. It uses a two-stage shellcode approach to achieve remote code execution on Windows XP SP1.

Classification

Working Poc 95%

Attack Type

Rce

Complexity

Moderate

Reliability

Reliable

Target: eiQnetworks Syslog Server (G2SRv4.0.36.exe)

No auth needed

Prerequisites: Syslog service listening on port 12345 · Target running Windows XP SP1

MITRE ATT&CK

T1068 - Exploitation for Privilege Escalation T1203 - Exploitation for Client Execution

devstral-2 · analyzed Feb 16, 2026 Full analysis →

Details

Status pre_cve

Tracked Since Feb 18, 2026