Vendor: Xunlei XPPlayer
By: superli
CVSS: 9.3 (HIGH)
Type: Remote Code Execution
CWE: 94
Product Name: Xunlei XPPlayer
Affected Version From: <= 5.9.14.1246
Affected Version To: N/A
Patch Exists: YES
Related CWE: N/A
CPE: a:xunlei:xunlei_xpplayer
Metasploit: N/A
Other Scripts: N/A
Tags: N/A
CVSS Metrics: N/A
Nuclei References: N/A
Nuclei Metadata: N/A
Platforms Tested: Windows XP SP3, IE6
Year: 2009

Xunlei XPPlayer ActiveX Remote Exec 0day POC

This exploit allows remote attackers to execute arbitrary code on vulnerable installations of the Xunlei XPPlayer ActiveX control. Authentication is not required to exploit this vulnerability. The flaw lies in the Xunlei XPPlayer ActiveX control, which by default listens on TCP port 8888. By sending a specially crafted packet to this port, an attacker can achieve arbitrary code execution in the context of the current user.

Mitigation:

Upgrade to version 5.9.14.1246 or later.
Source (Exploit-DB raw data):

# Author: superli
# Version: <= 5.9.14.1246
# Tested on: xpsp3 ie6
# Greeting to Xunlei Security Center guys, you guys still have not yet
# released a patch or new version to fix the vuln, which can also
# attack Xunlei KanKan Player (http://dl.xunlei.com/xmp.html).
# I exposed this vuln two weeks ago; are you really responsible for
# the security of millions of users?
# Code:

https://gitlab.com/exploit-database/exploitdb-bin-sploits/-/raw/main/bin-sploits/11176.zip (Xunlei_XPPlayer_ActiveX_Remote_Exec_0day_POC.zip)