EIP-2026-118548

PRE-CVE

FirePHP Firefox Plugin 0.7.1 - Remote Command Execution

Title source: legacy

Exploitation Summary

EIP tracks 1 public exploit for EIP-2026-118548. PoCs published by Wireghoul.

AI-analyzed exploit summary This exploit leverages a vulnerability in the FirePHP Firefox plugin to achieve remote code execution by injecting malicious XUL code via crafted HTTP headers. The payload launches calc.exe on Windows systems.

Description

FirePHP Firefox Plugin 0.7.1 - Remote Command Execution

Exploits (1)

exploitdb WORKING POC VERIFIED

by Wireghoul · htmlremotewindows

https://www.exploit-db.com/exploits/24961

View Code ZIP pw:eip

This exploit leverages a vulnerability in the FirePHP Firefox plugin to achieve remote code execution by injecting malicious XUL code via crafted HTTP headers. The payload launches calc.exe on Windows systems.

Classification

Working Poc 95%

Attack Type

Rce

Complexity

Trivial

Reliability

Reliable

Target: FirePHP Firefox plugin up to and including 0.7.1

No auth needed

Prerequisites: Victim must have the vulnerable FirePHP plugin installed in Firefox · Attacker must deliver the exploit via a crafted HTTP response

MITRE ATT&CK

T1189 - Drive-by Compromise T1203 - Exploitation for Client Execution

devstral-2 · analyzed Feb 16, 2026 Full analysis →

Details

Status pre_cve

Tracked Since Feb 18, 2026