CVE-2009-1807

EXPLOITED IN THE WILD

Baofeng Storm < 3.09.04.17 - Remote Code Execution via Config.dll SetAttributeValue

Title source: llm
STIX 2.1

Exploitation Summary

CVE-2009-1807 has been observed exploited in the wild (reported by VulnCheck KEV, InTheWild.io). EIP tracks 1 public exploit from researchers including etirah.

AI-analyzed exploit summary This exploit targets a buffer overflow vulnerability in the BaoFeng config.dll ActiveX control via the SetAttributeValue method. It uses a heap spray technique to achieve remote code execution by overwriting memory with shellcode.

Description

Unspecified vulnerability in Config.dll in Baofeng products 3.09.04.17 and earlier allows remote attackers to execute arbitrary code by calling the SetAttributeValue method, as exploited in the wild in April and May 2009.

Exploits (1)

exploitdb WORKING POC VERIFIED
by etirah · htmlremotewindows
https://www.exploit-db.com/exploits/8757

This exploit targets a buffer overflow vulnerability in the BaoFeng config.dll ActiveX control via the SetAttributeValue method. It uses a heap spray technique to achieve remote code execution by overwriting memory with shellcode.

Classification
Working Poc 95%
Attack Type
Rce
Complexity
Moderate
Reliability
Reliable
Target: BaoFeng config.dll ActiveX control
No auth needed
Prerequisites: Victim must visit a malicious webpage hosting the exploit · BaoFeng software with vulnerable config.dll ActiveX control installed
devstral-2 · analyzed Feb 16, 2026 Full analysis →

References (2)

Core 2
Core References
Third Party Advisory vdb-entry x_refsource_vupen
http://www.vupen.com/english/advisories/2009/1392
Exploit x_refsource_misc
http://www.cisrt.org/enblog/read.php?245

Scores

EPSS 0.0374
EPSS Percentile 88.3%

Details

VulnCheck KEV 2009-05-28
InTheWild.io 2009-06-09
Status published
Products (5)
baofeng/storm 2.7.9_8
baofeng/storm 2.7.9_10
baofeng/storm 2.8
baofeng/storm 2.9
baofeng/storm < 3.09.04.17
Published May 28, 2009
Tracked Since Feb 18, 2026