CVE-2008-0221

Gateway Weblaunch 1.0.0.1 - Remote Code Execution via DoWebLaunch Method Path Traversal

Title source: llm

Exploitation Summary

EIP tracks 1 public exploit for CVE-2008-0221. PoCs published by Elazar.

AI-analyzed exploit summary This exploit leverages an insecure method in the Gateway Weblaunch ActiveX control to execute arbitrary commands by escaping the temporary directory and launching calc.exe. The vulnerability arises from improper path handling in the DoWebLaunch method.

Description

Directory traversal vulnerability in the WebLaunch.WeblaunchCtl.1 (aka CWebLaunchCtl) ActiveX control in weblaunch.ocx 1.0.0.1 in Gateway Weblaunch allows remote attackers to execute arbitrary programs via a ..\ (dot dot backslash) in the second argument to the DoWebLaunch method. NOTE: some of these details are obtained from third party information.

Exploits (1)

exploitdb WORKING POC VERIFIED

by Elazar · htmlremotewindows

https://www.exploit-db.com/exploits/4869

View Code ZIP pw:eip

This exploit leverages an insecure method in the Gateway Weblaunch ActiveX control to execute arbitrary commands by escaping the temporary directory and launching calc.exe. The vulnerability arises from improper path handling in the DoWebLaunch method.

Classification

Working Poc 95%

Attack Type

Rce

Complexity

Trivial

Reliability

Reliable

Target: Gateway Weblaunch ActiveX Control version 1.0.0.1

No auth needed

Prerequisites: Victim must have the vulnerable ActiveX control installed · Victim must visit the malicious webpage using Internet Explorer

MITRE ATT&CK

T1218 - System Binary Proxy Execution

devstral-2 · analyzed Feb 16, 2026 Full analysis →

References (4)

Core 4

Core References

Third Party Advisory vdb-entry x_refsource_vupen

http://www.vupen.com/english/advisories/2008/0077

Exploit, Third Party Advisory exploit x_refsource_exploit-db

https://www.exploit-db.com/exploits/4869

Mailing List mailing-list x_refsource_fulldisc

http://marc.info/?l=full-disclosure&m=119984138526735&w=2

Vendor Advisory third-party-advisory x_refsource_secunia

http://secunia.com/advisories/28379

Scores

EPSS 0.0573

EPSS Percentile 92.1%

Details

CWE

CWE-22

Status published

Products (1)

gateway/weblaunch 1.0.0.1

Published Jan 10, 2008

Tracked Since Feb 18, 2026