CVE-2010-3137

Nullsoft Winamp 5.581 - Untrusted Search Path and DLL Hijacking via Trojan Horse wnaspi32.dll

Title source: llm
STIX 2.1

Exploitation Summary

EIP tracks 1 public exploit for CVE-2010-3137. PoCs published by LiquidWorm.

AI-analyzed exploit summary This exploit demonstrates a DLL hijacking vulnerability in Nullsoft Winamp 5.581 by providing a malicious wnaspi32.dll that executes arbitrary code when loaded by the application. The PoC compiles into a DLL that displays a message box upon execution, confirming the hijack.

Description

Untrusted search path vulnerability in Nullsoft Winamp 5.581, and probably other versions, allows local users, and possibly remote attackers, to execute arbitrary code and conduct DLL hijacking attacks via a Trojan horse wnaspi32.dll that is located in the same folder as a .669, .aac, .aiff, .amf, .au, .avr, .b4s, .caf or .cda file.

Exploits (1)

exploitdb WORKING POC VERIFIED
by LiquidWorm · clocalwindows
https://www.exploit-db.com/exploits/14789

This exploit demonstrates a DLL hijacking vulnerability in Nullsoft Winamp 5.581 by providing a malicious wnaspi32.dll that executes arbitrary code when loaded by the application. The PoC compiles into a DLL that displays a message box upon execution, confirming the hijack.

Classification
Working Poc 100%
Attack Type
Rce
Complexity
Trivial
Reliability
Reliable
Target: Nullsoft Winamp 5.581
No auth needed
Prerequisites: Victim must open a file with an affected extension (e.g., .cda) in the same directory as the malicious DLL
MITRE ATT&CK
devstral-2 · analyzed Feb 18, 2026 Full analysis →

References (4)

Core 4
Core References
Exploit exploit x_refsource_exploit-db
http://www.exploit-db.com/exploits/14789
Third Party Advisory third-party-advisory x_refsource_secunia
http://secunia.com/advisories/41093
Third Party Advisory, VDB Entry vdb-entry signature x_refsource_oval
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A6874

Scores

EPSS 0.0798
EPSS Percentile 94.0%

Details

Status published
Products (1)
nullsoft/winamp 5.581
Published Aug 26, 2010
Tracked Since Feb 18, 2026