CVE-2005-2866

Mercora IMRadio 4.0.0.0 - Privilege Escalation

Title source: llm

Exploitation Summary

EIP tracks 1 public exploit for CVE-2005-2866. PoCs published by Kozan.

AI-analyzed exploit summary This exploit reads plaintext credentials stored in the Windows Registry by Mercora IMRadio 4.0.0.0, demonstrating an information disclosure vulnerability. It queries specific registry keys to extract username and password values.

Description

Mercora IMRadio 4.0.0.0 stores usernames and passwords in plaintext in the MercoraClient\Profiles registry key, which allows local users to gain privileges.

Exploits (1)

exploitdb WORKING POC VERIFIED

by Kozan · clocalwindows

https://www.exploit-db.com/exploits/1173

View Code ZIP pw:eip

This exploit reads plaintext credentials stored in the Windows Registry by Mercora IMRadio 4.0.0.0, demonstrating an information disclosure vulnerability. It queries specific registry keys to extract username and password values.

Classification

Working Poc 100%

Attack Type

Info Leak

Complexity

Trivial

Reliability

Reliable

Target: Mercora IMRadio 4.0.0.0

No auth needed

Prerequisites: Local access to the Windows system where Mercora IMRadio is installed

MITRE ATT&CK

T1552.002 - Credentials in Registry

devstral-2 · analyzed Feb 18, 2026 Full analysis →

References (1)

Core 1

Core References

Exploit, Vendor Advisory vdb-entry x_refsource_sectrack

http://securitytracker.com/id?1014780

Scores

EPSS 0.0069

EPSS Percentile 47.8%

Details

Status published

Published Sep 08, 2005

Tracked Since Feb 18, 2026