CVE-2008-1885

NeffyLauncher 1.0.5 - Path Traversal

Title source: llm

Exploitation Summary

EIP tracks 1 public exploit for CVE-2008-1885. PoCs published by Simon Ryeo.

AI-analyzed exploit summary The document describes two vulnerabilities in CDNetworks Nefficient Download (NeffyLauncher.dll) ActiveX control, allowing remote code execution via malicious file placement and keycode bypass. It provides technical details but lacks executable exploit code.

Description

Directory traversal vulnerability in the NeffyLauncher 1.0.5 ActiveX control (NeffyLauncher.dll) in CDNetworks Nefficient Download allows remote attackers to download arbitrary code onto a client system via a .. (dot dot) in the SkinPath parameter and a .zip URL in the HttpSkin parameter. NOTE: this can be leveraged for code execution by writing to a Startup folder.

Exploits (1)

exploitdb WRITEUP VERIFIED

by Simon Ryeo · textremotewindows

https://www.exploit-db.com/exploits/5397

View Code ZIP pw:eip

The document describes two vulnerabilities in CDNetworks Nefficient Download (NeffyLauncher.dll) ActiveX control, allowing remote code execution via malicious file placement and keycode bypass. It provides technical details but lacks executable exploit code.

Classification

Writeup 90%

Attack Type

Rce

Complexity

Moderate

Reliability

Theoretical

Target: NeffyLauncher 1.0.5

No auth needed

Prerequisites: Write permission on a vulnerable website or a valid keycode · Victim interaction to load malicious ActiveX parameters

MITRE ATT&CK