CVE-2010-3128

TeamViewer < 5.0.8703 - Untrusted Search Path and DLL Hijacking via Trojan Horse dwmapi.dll

Title source: llm

Exploitation Summary

EIP tracks 1 public exploit for CVE-2010-3128. PoCs published by Glafkos Charalambous.

AI-analyzed exploit summary This exploit demonstrates DLL hijacking in TeamViewer <= 5.0.8703 by placing a malicious dwmapi.dll in the same directory as a .tvs or .tvc file. The DLL executes arbitrary code (a MessageBox in this case) when TeamViewer loads it.

Description

Untrusted search path vulnerability in TeamViewer 5.0.8703 and earlier allows local users, and possibly remote attackers, to execute arbitrary code and conduct DLL hijacking attacks via a Trojan horse dwmapi.dll that is located in the same folder as a .tvs or .tvc file.

Exploits (1)

exploitdb WORKING POC

by Glafkos Charalambous · clocalwindows

https://www.exploit-db.com/exploits/14734

View Code ZIP pw:eip

This exploit demonstrates DLL hijacking in TeamViewer <= 5.0.8703 by placing a malicious dwmapi.dll in the same directory as a .tvs or .tvc file. The DLL executes arbitrary code (a MessageBox in this case) when TeamViewer loads it.

Classification

Working Poc 90%

Attack Type

Rce

Complexity

Trivial

Reliability

Reliable

Target: TeamViewer <= 5.0.8703

No auth needed

Prerequisites: Ability to place a malicious DLL in the same directory as a TeamViewer file (.tvs or .tvc) · Victim must open the file with TeamViewer

MITRE ATT&CK

T1574.001 - DLL

devstral-2 · analyzed Feb 16, 2026 Full analysis →

References (5)

Core 5

Core References

Exploit exploit x_refsource_exploit-db

http://www.exploit-db.com/exploits/14734

Vendor Advisory vdb-entry x_refsource_vupen

http://www.vupen.com/english/advisories/2010/2174

Vendor Advisory third-party-advisory x_refsource_secunia

http://secunia.com/advisories/41112

Third Party Advisory, VDB Entry vdb-entry signature x_refsource_oval

https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A6773

Third Party Advisory, VDB Entry mailing-list x_refsource_bugtraq

http://www.securityfocus.com/archive/1/513317/100/0/threaded

Scores

EPSS 0.0852

EPSS Percentile 94.3%

Details

Status published

Products (5)

teamviewer/teamviewer 1.85

teamviewer/teamviewer 2.44

teamviewer/teamviewer 3.6.5523

teamviewer/teamviewer 4.1.8107

teamviewer/teamviewer < 5.0.8703

Published Aug 26, 2010

Tracked Since Feb 18, 2026