EIP-2026-118697

PRE-CVE

Intrasrv Simple Web Server 1.0 - Remote Code Execution (SEH)

Title source: legacy

Exploitation Summary

EIP tracks 1 public exploit for EIP-2026-118697. PoCs published by xis_one.

AI-analyzed exploit summary This exploit targets a SEH-based buffer overflow in Intrasrv Simple Web Server 1.0, using an egghunter and reverse shell payload to achieve remote code execution. The payload is delivered via an HTTP GET request with a malformed Host header.

Description

Intrasrv Simple Web Server 1.0 - Remote Code Execution (SEH)

Exploits (1)

exploitdb WORKING POC VERIFIED

by xis_one · pythonremotewindows

https://www.exploit-db.com/exploits/25836

View Code ZIP pw:eip

This exploit targets a SEH-based buffer overflow in Intrasrv Simple Web Server 1.0, using an egghunter and reverse shell payload to achieve remote code execution. The payload is delivered via an HTTP GET request with a malformed Host header.

Classification

Working Poc 95%

Attack Type

Rce

Complexity

Moderate

Reliability

Reliable

Target: Intrasrv Simple Web Server 1.0

No auth needed

Prerequisites: Network access to the target server · Target running Intrasrv Simple Web Server 1.0 on Windows XP SP3

MITRE ATT&CK

T1203 - Exploitation for Client Execution T1059 - Command and Scripting Interpreter

devstral-2 · analyzed Feb 16, 2026 Full analysis →

Details

Status pre_cve

Tracked Since Feb 18, 2026