CVE-2010-5333

CRITICAL

Integard Pro/Home <2.0.0.9037 & 2.2.x <2.2.0.9037 - RCE

Title source: llm
STIX 2.1

Exploitation Summary

EIP tracks 3 public exploits for CVE-2010-5333. PoCs published by Lincoln_ Nullthreat_ rick2600, Node, Lincoln, Nullthreat, rick2600, including Metasploit module exploits/windows/http/integard_password_bof.

AI-analyzed exploit summary This is a Metasploit module exploiting a buffer overflow vulnerability in Integard Home/Pro HTTP Server. It uses SEH overwrites and a reverse shell payload to achieve remote code execution.

Description

The web server in Integard Pro and Home before 2.0.0.9037 and 2.2.x before 2.2.0.9037 has a buffer overflow via a long password in an administration login POST request, leading to arbitrary code execution. An SEH-overwrite buffer overflow already existed for the vulnerable software. This CVE is to track an alternate exploitation method, utilizing an EIP-overwrite buffer overflow.

Exploits (3)

exploitdb WORKING POC VERIFIED
by Lincoln_ Nullthreat_ rick2600 · rubyremotewindows_x86
https://www.exploit-db.com/exploits/14941

This is a Metasploit module exploiting a buffer overflow vulnerability in Integard Home/Pro HTTP Server. It uses SEH overwrites and a reverse shell payload to achieve remote code execution.

Classification
Working Poc 95%
Attack Type
Rce
Complexity
Moderate
Reliability
Reliable
Target: Integard Home/Pro version 2.0
No auth needed
Prerequisites: Network access to the target server · Vulnerable version of Integard Home/Pro
devstral-2 · analyzed Feb 16, 2026 Full analysis →
exploitdb WORKING POC
by Node · rubyremotewindows
https://www.exploit-db.com/exploits/15016

This is a Metasploit module exploiting a stack buffer overflow in Race River Integard Pro 2.2.0.9026 via a long password field in the admin login page. It uses ROP techniques to bypass DEP and achieve remote code execution on Windows 7 x64.

Classification
Working Poc 95%
Attack Type
Rce
Complexity
Complex
Reliability
Reliable
Target: Race River Integard Pro 2.2.0.9026
No auth needed
Prerequisites: Network access to port 18881 · Vulnerable version of Integard Pro
devstral-2 · analyzed Feb 16, 2026 Full analysis →
metasploit WORKING POC GREAT
by Lincoln, Nullthreat, rick2600 · rubypocwin
https://github.com/rapid7/metasploit-framework/blob/master/modules/exploits/windows/http/integard_password_bof.rb

This Metasploit module exploits a stack buffer overflow in Race River Integard Home/Pro HTTP Server via a long password field in the LoginAdmin endpoint. It overwrites SEH and EIP to achieve remote code execution with SYSTEM privileges.

Classification
Working Poc 100%
Attack Type
Rce
Complexity
Moderate
Reliability
Reliable
Target: Race River Integard Home/Pro < 2.0.0.9037 and < 2.2.0.9037
No auth needed
Prerequisites: Network access to port 18881 · Vulnerable version of Integard Home/Pro
devstral-2 · analyzed Feb 16, 2026 Full analysis →

References (5)

Core 5
Core References
Exploit, Third Party Advisory, VDB Entry x_refsource_misc
https://www.exploit-db.com/exploits/14941
Exploit, Third Party Advisory, VDB Entry x_refsource_misc
https://www.exploit-db.com/exploits/15016

Scores

CVSS v3 9.8
EPSS 0.7702
EPSS Percentile 99.0%
Attack Vector NETWORK
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

Details

CWE
CWE-120
Status published
Products (2)
integard_home_project/integard_home < 2.0.0.9037
integard_pro_project/integard_pro < 2.0.0.9037
Published Sep 13, 2019
Tracked Since Feb 18, 2026