EIP-2026-119295

PRE-CVE

Working Resources BadBlue 1.7.x/2.x - Unauthorized Proxy Relay

Title source: legacy

Exploitation Summary

EIP tracks 1 public exploit for EIP-2026-119295. PoCs published by Texonet.

AI-analyzed exploit summary The vulnerability in BadBlue Personal Edition versions 2.5 and prior allows the 'Pass Thru' function to be abused as a proxy, enabling attackers to obfuscate their identities and bypass network controls. The exploit involves sending a crafted HTTP request to the 'ext.dll' endpoint with the 'mfcisapicommand=PassThru' parameter.

Description

Working Resources BadBlue 1.7.x/2.x - Unauthorized Proxy Relay

Exploits (1)

exploitdb WRITEUP VERIFIED

by Texonet · textremotewindows

https://www.exploit-db.com/exploits/24409

View Code ZIP pw:eip

The vulnerability in BadBlue Personal Edition versions 2.5 and prior allows the 'Pass Thru' function to be abused as a proxy, enabling attackers to obfuscate their identities and bypass network controls. The exploit involves sending a crafted HTTP request to the 'ext.dll' endpoint with the 'mfcisapicommand=PassThru' parameter.

Classification

Writeup 90%

Attack Type

Other

Complexity

Trivial

Reliability

Reliable

Target: BadBlue Personal Edition <= 2.5

No auth needed

Prerequisites: Network access to the vulnerable BadBlue server

MITRE ATT&CK

T1090 - Proxy

devstral-2 · analyzed Feb 18, 2026 Full analysis →

Details

Status pre_cve

Tracked Since Feb 18, 2026