EIP-2026-119375

PRE-CVE

GSX Analyzer 10.12/11 - 'main.swf' Hard-Coded Superadmin Credentials

Title source: legacy

Exploitation Summary

EIP tracks 1 public exploit for EIP-2026-119375. PoCs published by ndevnull.

AI-analyzed exploit summary The exploit details hardcoded superadmin credentials in GSX Analyzer's Main.swf file, allowing unauthorized access via the username 'gsxlogin' and password 'gsxpassword'. The vulnerability was confirmed through decompilation of the SWF file.

Description

GSX Analyzer 10.12/11 - 'main.swf' Hard-Coded Superadmin Credentials

Exploits (1)

exploitdb WRITEUP

by ndevnull · textwebappswindows

https://www.exploit-db.com/exploits/40106

View Code ZIP pw:eip

The exploit details hardcoded superadmin credentials in GSX Analyzer's Main.swf file, allowing unauthorized access via the username 'gsxlogin' and password 'gsxpassword'. The vulnerability was confirmed through decompilation of the SWF file.

Classification

Writeup 90%

Attack Type

Auth Bypass

Complexity

Trivial

Reliability

Reliable

Target: GSX Analyzer versions 10.12 and 11

No auth needed

Prerequisites: Access to the GSX Analyzer login portal

MITRE ATT&CK

T1110.001 - Password Guessing

devstral-2 · analyzed Feb 18, 2026 Full analysis →

Details

Status pre_cve

Tracked Since Feb 18, 2026