CVE-2012-4876

TRENDnet SecurView TV-IP121WN - Buffer Overflow

Title source: llm
STIX 2.1

Exploitation Summary

EIP tracks 3 public exploits for CVE-2012-4876. PoCs published by Metasploit, rgod, rgod, sinn3r, including Metasploit module exploits/windows/browser/ultramjcam_openfiledig_bof.

AI-analyzed exploit summary This Metasploit module exploits a buffer overflow in TRENDnet SecurView Internet Camera's ActiveX control via the OpenFileDlg() function, leading to arbitrary code execution. The exploit uses heap spraying and a long string to trigger the overflow.

Description

Stack-based buffer overflow in the UltraMJCam ActiveX Control in TRENDnet SecurView TV-IP121WN Wireless Internet Camera allows remote attackers to execute arbitrary code via a long string to the OpenFileDlg method.

Exploits (3)

exploitdb WORKING POC VERIFIED
by Metasploit · rubyremotewindows
https://www.exploit-db.com/exploits/18709

This Metasploit module exploits a buffer overflow in TRENDnet SecurView Internet Camera's ActiveX control via the OpenFileDlg() function, leading to arbitrary code execution. The exploit uses heap spraying and a long string to trigger the overflow.

Classification
Working Poc 100%
Attack Type
Rce
Complexity
Moderate
Reliability
Reliable
Target: TRENDnet SecurView Internet Camera UltraMJCam ActiveX control
No auth needed
Prerequisites: Victim must visit a malicious webpage hosting the exploit · ActiveX control must be installed and enabled
devstral-2 · analyzed Feb 16, 2026 Full analysis →
exploitdb WORKING POC VERIFIED
by rgod · textremotehardware
https://www.exploit-db.com/exploits/18675

This exploit targets a stack-based buffer overflow in the TRENDnet SecurView TV-IP121WN camera's ActiveX control via the OpenFileDlg method. The overflow is triggered by an insecure WideCharToMultiByte call, allowing arbitrary code execution through a crafted JavaScript payload.

Classification
Working Poc 95%
Attack Type
Rce
Complexity
Moderate
Reliability
Reliable
Target: TRENDnet SecurView TV-IP121WN Wireless Internet Camera UltraMJCam ActiveX Control (File version: 1, 1, 52, 18)
No auth needed
Prerequisites: Victim must visit a malicious webpage using Internet Explorer with the vulnerable ActiveX control installed
devstral-2 · analyzed Feb 16, 2026 Full analysis →
metasploit WORKING POC NORMAL
by rgod, sinn3r · rubypocwin
https://github.com/rapid7/metasploit-framework/blob/master/modules/exploits/windows/browser/ultramjcam_openfiledig_bof.rb

This Metasploit module exploits a buffer overflow vulnerability in TRENDnet SecurView Internet Camera's ActiveX control via the OpenFileDlg() function. It leverages a long string in the sFilter argument to trigger a stack overflow, leading to arbitrary code execution.

Classification
Working Poc 100%
Attack Type
Rce
Complexity
Moderate
Reliability
Reliable
Target: TRENDnet SecurView Internet Camera (UltraMJCam ActiveX control)
No auth needed
Prerequisites: Victim must visit a malicious webpage hosting the exploit · ActiveX control must be installed and enabled
devstral-2 · analyzed Feb 19, 2026 Full analysis →

References (6)

Core 6
Core References
Vendor Advisory third-party-advisory x_refsource_secunia
http://secunia.com/advisories/48601
Third Party Advisory, VDB Entry vdb-entry x_refsource_osvdb
http://osvdb.org/80661
Exploit mailing-list x_refsource_bugtraq
http://archives.neohapsis.com/archives/bugtraq/2012-03/0152.html
Exploit exploit x_refsource_exploit-db
http://www.exploit-db.com/exploits/18675
Exploit vdb-entry x_refsource_bid
http://www.securityfocus.com/bid/52760

Scores

EPSS 0.7118
EPSS Percentile 99.3%

Details

CWE
CWE-119
Status published
Products (2)
trendnet/securview_wireless_internet_camera tv-ip121wn
trendnet/securview_wireless_internet_camera_activex_control 1.1.52.18
Published Sep 06, 2012
Tracked Since Feb 18, 2026