CVE-2010-10017

HIGH

WM Downloader 3.1.2.2 - Buffer Overflow

Title source: llm

Exploitation Summary

EIP tracks 3 public exploits for CVE-2010-10017. PoCs published by Metasploit, fdiskyou, fdisk, dookie, including Metasploit module exploits/windows/fileformat/wm_downloader_m3u.

AI-analyzed exploit summary: This Metasploit module exploits a buffer overflow in WM Downloader 3.1.2.2 by crafting a malicious M3U file. The exploit leverages a SEH overwrite to achieve arbitrary code execution on Windows systems.

Description

WM Downloader version 3.1.2.2 is vulnerable to a buffer overflow when processing a specially crafted .m3u playlist file. The application fails to properly validate input length, allowing an attacker to overwrite structured exception handler (SEH) records and execute arbitrary code. Exploitation occurs locally when a user opens the malicious file, and the payload executes with the privileges of the current user.

Exploits (3)

exploitdb WORKING POC VERIFIED
by Metasploit · ruby · local · windows
https://www.exploit-db.com/exploits/16642

This Metasploit module exploits a buffer overflow in WM Downloader 3.1.2.2 by crafting a malicious M3U file. The exploit leverages a SEH overwrite to achieve arbitrary code execution on Windows systems.

Classification: Working PoC 95%
Attack Type: RCE
Complexity: Moderate
Reliability: Reliable
Target: WM Downloader 3.1.2.2
No auth needed
Prerequisites: Victim must open the crafted M3U file with WM Downloader
devstral-2 · analyzed Feb 16, 2026

exploitdb WORKING POC VERIFIED
by fdiskyou · python · local · windows
https://www.exploit-db.com/exploits/14497

This exploit targets a buffer overflow vulnerability in WM Downloader 3.1.2.2 via a crafted .m3u file. It leverages SEH overwrite with a jump to shellcode that executes calc.exe.

Classification: Working PoC 95%
Attack Type: RCE
Complexity: Moderate
Reliability: Reliable
Target: WM Downloader 3.1.2.2 2010.04.15
No auth needed
Prerequisites: Victim must open the malicious .m3u file in WM Downloader
devstral-2 · analyzed Feb 16, 2026

metasploit WORKING POC NORMAL
by fdisk, dookie · ruby · poc · win
https://github.com/rapid7/metasploit-framework/blob/master/modules/exploits/windows/fileformat/wm_downloader_m3u.rb

This Metasploit module exploits a buffer overflow in WM Downloader 3.1.2.2 via a crafted M3U file, allowing arbitrary code execution. It uses SEH overwrites and a jump to shellcode to achieve RCE.

Classification: Working PoC 95%
Attack Type: RCE
Complexity: Moderate
Reliability: Reliable
Target: WM Downloader 3.1.2.2
No auth needed
Prerequisites: Victim must open the malicious M3U file with WM Downloader
devstral-2 · analyzed Feb 16, 2026

Scores

CVSS v4: 8.4
EPSS: 0.0030
EPSS Percentile: 21.9%
CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:A/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N

CISA SSVC

Vulnrichment
Exploitation: poc
Automatable: no
Technical Impact: total

Details

CWE: CWE-120, CWE-134
Status: published
Products (1): WM Downloader/WM Downloader < 3.1.2.2
Published: Aug 30, 2025
Tracked Since: Feb 18, 2026