EIP-2026-119267

PRE-CVE

WebDAV Windows 10 - Remote Code Execution (RCE)

Title source: legacy

Exploitation Summary

EIP tracks 1 public exploit for EIP-2026-119267. PoCs published by Dev Bui Hieu.

AI-analyzed exploit summary This exploit generates a malicious .URL file that leverages Windows' handling of UNC paths to execute a remote binary via WebDAV or SMB. The victim's system automatically reaches out to the specified path when the file is opened or previewed, leading to arbitrary code execution.

Description

WebDAV Windows 10 - Remote Code Execution (RCE)

Exploits (1)

exploitdb WORKING POC

by Dev Bui Hieu · remotewindows

https://www.exploit-db.com/exploits/52334

View Code ZIP pw:eip

This exploit generates a malicious .URL file that leverages Windows' handling of UNC paths to execute a remote binary via WebDAV or SMB. The victim's system automatically reaches out to the specified path when the file is opened or previewed, leading to arbitrary code execution.

Classification

Working Poc 95%

Attack Type

Rce

Complexity

Trivial

Reliability

Reliable

Target: Windows 10, Windows 11

No auth needed

Prerequisites: Attacker-controlled WebDAV or SMB share · Victim interaction to open or preview the .URL file

MITRE ATT&CK

T1204.002 - Malicious File T1189 - Drive-by Compromise

devstral-2 · analyzed Feb 18, 2026 Full analysis →

Details

Status pre_cve

Tracked Since Feb 18, 2026