CVE-2008-1116

Rising Antivirus Online Scanner - RCE

Title source: llm

Exploitation Summary

EIP tracks 1 public exploit for CVE-2008-1116. PoCs published by John Smith.

AI-analyzed exploit summary This exploit leverages an insecure method in Rising AntiVirus's ActiveX control to achieve remote code execution by downloading and executing a malicious DLL. The PoC demonstrates the vulnerability by triggering the ActiveX control to fetch and run a payload from a remote server.

Description

Insecure method vulnerability in the Web Scan Object ActiveX control (OL2005.dll) in Rising Antivirus Online Scanner allows remote attackers to force the download and execution of arbitrary code by setting the BaseURL property and invoking the UpdateEngine method. NOTE: some of these details are obtained from third party information.

Exploits (1)

exploitdb WORKING POC VERIFIED

by John Smith · htmlremotewindows

https://www.exploit-db.com/exploits/5188

View Code ZIP pw:eip

This exploit leverages an insecure method in Rising AntiVirus's ActiveX control to achieve remote code execution by downloading and executing a malicious DLL. The PoC demonstrates the vulnerability by triggering the ActiveX control to fetch and run a payload from a remote server.

Classification

Working Poc 90%

Attack Type

Rce

Complexity

Trivial

Reliability

Reliable

Target: Rising AntiVirus (Free Online Scanner ActiveX Control)

No auth needed

Prerequisites: Victim must visit a malicious webpage · Rising AntiVirus Free Online Scanner ActiveX control must be installed · ActiveX must be enabled in the browser

MITRE ATT&CK

T1189 - Drive-by Compromise T1218.002 - Control Panel

devstral-2 · analyzed Feb 16, 2026 Full analysis →