CVE-2005-2842

DameWare Mini Remote Control <4.9.0 - RCE

Title source: llm

Exploitation Summary

EIP tracks 2 public exploits for CVE-2005-2842. PoCs published by jpno5, James Fitts.

AI-analyzed exploit summary This exploit targets a buffer overflow vulnerability in DameWare Mini Remote Control Server (CVE-2005-2842) via a crafted packet sent to port 6129. It includes shellcode for a reverse shell and OS detection mechanisms.

Description

Buffer overflow in dwrcs.exe in DameWare Mini Remote Control before 4.9.0 allows remote attackers to execute arbitrary code via the username.

Exploits (2)

exploitdb WORKING POC VERIFIED

by jpno5 · cremotewindows

https://www.exploit-db.com/exploits/1190

View Code ZIP pw:eip

This exploit targets a buffer overflow vulnerability in DameWare Mini Remote Control Server (CVE-2005-2842) via a crafted packet sent to port 6129. It includes shellcode for a reverse shell and OS detection mechanisms.

Classification

Working Poc 95%

Attack Type

Rce

Complexity

Moderate

Reliability

Reliable

Target: DameWare Mini Remote Control Server < 4.9.0

No auth needed

Prerequisites: Network access to port 6129 on the target · Target running vulnerable version of DameWare Mini Remote Control Server

MITRE ATT&CK

T1190 - Exploit Public-Facing Application T1059 - Command and Scripting Interpreter

devstral-2 · analyzed Feb 16, 2026 Full analysis →

exploitdb WORKING POC

by James Fitts · rubyremotewindows

https://www.exploit-db.com/exploits/42703

View Code ZIP pw:eip

This Metasploit module exploits a stack-based buffer overflow in Dameware Mini Remote Control v4.0 by sending an overly long username to the DWRCS service on port 6129, leading to arbitrary code execution via a crafted payload.

Classification

Working Poc 95%

Attack Type

Rce

Complexity

Moderate

Reliability

Reliable

Target: Dameware Mini Remote Control v4.0

No auth needed

Prerequisites: Network access to port 6129 on the target system

MITRE ATT&CK

T1068 - Exploitation for Privilege Escalation T1203 - Exploitation for Client Execution

devstral-2 · analyzed Feb 16, 2026 Full analysis →

References (8)

Core 8

Core References

Exploit, Third Party Advisory exploit x_refsource_exploit-db

https://www.exploit-db.com/exploits/42703/

Exploit, Patch, Vendor Advisory mailing-list x_refsource_fulldisc

http://archives.neohapsis.com/archives/fulldisclosure/2005-08/1074.html

Vendor Advisory third-party-advisory x_refsource_secunia

http://secunia.com/advisories/16655

Patch, Vendor Advisory vdb-entry x_refsource_sectrack

http://securitytracker.com/id?1014830

Patch, Third Party Advisory, US Government Resource third-party-advisory x_refsource_cert-vn

http://www.kb.cert.org/vuls/id/170905

Exploit, Patch vdb-entry x_refsource_bid

http://www.securityfocus.com/bid/14707

Exploit, Patch, Vendor Advisory x_refsource_misc

http://www.jpno5.com/Releases/Public/Exploits/Dameware%20Mini%20Remote%20Control%20Exploit/dameware.txt

Third Party Advisory vdb-entry x_refsource_vupen

http://www.vupen.com/english/advisories/2005/1596

Scores

EPSS 0.2112

EPSS Percentile 97.3%

Details

Status published

Products (4)

dameware_development/mini_remote_control_server 4.0

dameware_development/mini_remote_control_server 4.1.0.0

dameware_development/mini_remote_control_server 4.2.0.0

dameware_development/mini_remote_control_server 4.8

Published Sep 08, 2005

Tracked Since Feb 18, 2026