CVE-2008-0551

Sejoong Namo ActiveSquare - Remote Code Execution via NamoInstaller.NamoInstall.1 ActiveX Control

Title source: llm

Exploitation Summary

EIP tracks 1 public exploit for CVE-2008-0551. PoCs published by plan-s.

AI-analyzed exploit summary This exploit targets a vulnerability in Namo Web Editor's NamoInstaller.dll (CVE-2008-0551) by invoking the Install method via an ActiveX object. It forces the download and execution of a remote executable when the page loads.

Description

The NamoInstaller.NamoInstall.1 ActiveX control in NamoInstaller.dll 3.0.0.1 and earlier in Namo Web Editor in Sejoong Namo ActiveSquare 6 allows remote attackers to execute arbitrary code via a URL in the argument to the Install method. NOTE: some of these details are obtained from third party information.

Exploits (1)

exploitdb WORKING POC VERIFIED

by plan-s · htmlremotewindows

https://www.exploit-db.com/exploits/4986

View Code ZIP pw:eip

This exploit targets a vulnerability in Namo Web Editor's NamoInstaller.dll (CVE-2008-0551) by invoking the Install method via an ActiveX object. It forces the download and execution of a remote executable when the page loads.

Classification

Working Poc 90%

Attack Type

Rce

Complexity

Trivial

Reliability

Reliable

Target: Namo Web Editor NamoInstaller.dll version 3.0.0.1

No auth needed

Prerequisites: Victim must visit the malicious webpage · Namo Web Editor with vulnerable NamoInstaller.dll installed · ActiveX controls enabled in IE

MITRE ATT&CK