EIP-2026-118996

PRE-CVE

Opera 7.x - Directory Traversal

Title source: legacy

Exploitation Summary

EIP tracks 1 public exploit for EIP-2026-118996. PoCs published by nesumin.

AI-analyzed exploit summary This Perl script exploits a directory traversal vulnerability in Opera 7.x by serving a malicious HTTP server that tricks the browser into auto-saving a batch file to an arbitrary location on the victim's system. The exploit leverages Opera's handling of temporary files during downloads to overwrite or corrupt files via path traversal sequences.

Description

Opera 7.x - Directory Traversal

Exploits (1)

exploitdb WORKING POC VERIFIED

by nesumin · perlremotewindows

https://www.exploit-db.com/exploits/23464

View Code ZIP pw:eip

This Perl script exploits a directory traversal vulnerability in Opera 7.x by serving a malicious HTTP server that tricks the browser into auto-saving a batch file to an arbitrary location on the victim's system. The exploit leverages Opera's handling of temporary files during downloads to overwrite or corrupt files via path traversal sequences.

Classification

Working Poc 95%

Attack Type

Other

Complexity

Moderate

Reliability

Reliable

Target: Opera 7.0x, 7.1x, 7.20, 7.21, 7.22

No auth needed

Prerequisites: Victim must visit the malicious server · Victim must click a link · Opera browser must be vulnerable version

MITRE ATT&CK

T1059 - Command and Scripting Interpreter T1204 - User Execution

devstral-2 · analyzed Feb 18, 2026 Full analysis →

Details

Status pre_cve

Tracked Since Feb 18, 2026