EIP-2026-118519

PRE-CVE

EnjoySAP 6.4/7.1 - File Overwrite

Title source: legacy

Exploitation Summary

EIP tracks 1 public exploit for EIP-2026-118519. PoCs published by sh2kerr.

AI-analyzed exploit summary The exploit demonstrates an ActiveX control vulnerability in SAP GUI for Windows, allowing arbitrary file overwrites via insecure methods (SaveToSessionFile, SaveViewToSessionFile). The provided HTML examples show how an attacker can overwrite system files like boot.ini by leveraging directory traversal.

Description

EnjoySAP 6.4/7.1 - File Overwrite

Exploits (1)

exploitdb WORKING POC VERIFIED

by sh2kerr · textremotewindows

https://www.exploit-db.com/exploits/9810

View Code ZIP pw:eip

The exploit demonstrates an ActiveX control vulnerability in SAP GUI for Windows, allowing arbitrary file overwrites via insecure methods (SaveToSessionFile, SaveViewToSessionFile). The provided HTML examples show how an attacker can overwrite system files like boot.ini by leveraging directory traversal.

Classification

Working Poc 95%

Attack Type

Other

Complexity

Trivial

Reliability

Reliable

Target: SAP GUI for Windows 6.4 and 7.1 (Tested on 7100.2.7.1038 PL 7)

No auth needed

Prerequisites: Victim must open a malicious HTML page · ActiveX control must be enabled in the browser

MITRE ATT&CK

T1221 - Template Injection T1204 - User Execution

devstral-2 · analyzed Feb 18, 2026 Full analysis →

Details

Status pre_cve

Tracked Since Feb 18, 2026