CVE-2009-2169

Edraw PDF Viewer Component <3.2.0.126 - RCE


Exploitation Summary

EIP tracks 1 public exploit for CVE-2009-2169. PoCs published by Jambalaya.

AI-analyzed exploit summary: This exploit leverages a vulnerability in the Edraw PDF Viewer Component ActiveX control (pdfviewer.ocx) to execute arbitrary code via the FtpConnect() and FtpDownloadFile() methods. It downloads a file from a remote FTP server and places it in the startup folder for persistence.

Description

Insecure method vulnerability in the PDFVIEWER.PDFViewerCtrl.1 ActiveX control (pdfviewer.ocx) in Edraw PDF Viewer Component before 3.2.0.126 allows remote attackers to create and overwrite arbitrary files via a URL argument to the FtpConnect method and a target filename argument to the FtpDownloadFile method. NOTE: this can be leveraged for code execution by writing to a Startup folder.

Exploits (1)

exploitdb WORKING POC VERIFIED
by Jambalaya · text · remote · windows
https://www.exploit-db.com/exploits/8986


Classification: Working PoC (100%)
Attack type: RCE
Complexity: Trivial
Reliability: Reliable
Target: Edraw PDF Viewer Component < 3.2.0.126
No auth needed
Prerequisites: Target must browse to a malicious web page · ActiveX control must be installed and not kill-bitted
devstral-2 · analyzed Feb 16, 2026

References (2)

Core References
Vendor Advisory third-party-advisory x_refsource_secunia
http://secunia.com/advisories/35509

Scores

EPSS 0.0450
EPSS Percentile 90.3%

Details

CWE: CWE-94
Status: published
Products (1): edraw/pdf_viewer_component < 3.2.0
Published: Jun 22, 2009
Tracked since: Feb 18, 2026