header-logo
Suggest Exploit
vendor:
SopCast SopCore Control ActiveX
by:
superli
9,3
CVSS
HIGH
Remote Code Execution
94
CWE
Product Name: SopCast SopCore Control ActiveX
Affected Version From: 3.2.4
Affected Version To: 3.2.4
Patch Exists: Yes
Related CWE: N/A
CPE: a:sopcast:sopcast_sopcore_control_activex
Metasploit: N/A
Other Scripts: N/A
Tags: N/A
CVSS Metrics: N/A
Nuclei References: N/A
Nuclei Metadata: N/A
Platforms Tested: Windows XP SP3, Internet Explorer 6
2009

SopCast SopCore Control ActiveX Remote Exec 0day poc

This exploit is a proof-of-concept for a remote code execution vulnerability in the SopCast SopCore Control ActiveX control. The vulnerability exists due to an unsafe call to the CreateObject() method, which allows an attacker to execute arbitrary code on the vulnerable system. The exploit is available as a zip file containing a proof-of-concept exploit code.

Mitigation:

The vendor has released a patch to address this vulnerability. Users should update to the latest version of the SopCast SopCore Control ActiveX control.
Source

Exploit-DB raw data:

# Exploit Title: SopCast SopCore Control ActiveX Remote Exec 0day poc
# Author: superli
# Version: 3.2.4
# Tested on: xpsp3 ie6
# Code :


https://gitlab.com/exploit-database/exploitdb-bin-sploits/-/raw/main/bin-sploits/11062.zip (sopcast_exp.zip)

Navigation

Suggest Exploit

Services By CQR