CVE-2012-6274

BigAntSoft BigAnt IM Message Server - Unauthenticated Arbitrary File Write via File Upload

Title source: llm

Exploitation Summary

EIP tracks 2 public exploits for CVE-2012-6274. PoCs published by Metasploit, Hamburgers Maccoy, juan vazquez, including Metasploit module exploits/windows/misc/bigant_server_dupf_upload.

AI-analyzed exploit summary This Metasploit module exploits an arbitrary file upload vulnerability in BigAnt Server 2.97 SP7 via the DUPF command, allowing unauthenticated directory traversal and file upload. It leverages WMI (Windows Management Instrumentation) to execute a payload on vulnerable Windows systems.

Description

BigAntSoft BigAnt IM Message Server does not require authentication for file uploading, which allows remote attackers to create arbitrary files under AntServer\DocData\Public via unspecified vectors.

Exploits (2)

exploitdb WORKING POC VERIFIED

by Metasploit · rubyremotewindows

https://www.exploit-db.com/exploits/24528

View Code ZIP pw:eip

This Metasploit module exploits an arbitrary file upload vulnerability in BigAnt Server 2.97 SP7 via the DUPF command, allowing unauthenticated directory traversal and file upload. It leverages WMI (Windows Management Instrumentation) to execute a payload on vulnerable Windows systems.

Classification

Working Poc 100%

Attack Type

Rce

Complexity

Moderate

Reliability

Reliable

Target: BigAnt Server 2.97 SP7

No auth needed

Prerequisites: Network access to BigAnt Server on port 6661 · Vulnerable version of BigAnt Server (2.97 SP7)

MITRE ATT&CK

T1190 - Exploit Public-Facing Application T1047 - Windows Management Instrumentation

devstral-2 · analyzed Feb 16, 2026 Full analysis →

metasploit WORKING POC EXCELLENT

by Hamburgers Maccoy, juan vazquez · rubypocwin

https://github.com/rapid7/metasploit-framework/blob/master/modules/exploits/windows/misc/bigant_server_dupf_upload.rb

View Code ZIP pw:eip

This Metasploit module exploits an unauthenticated arbitrary file upload vulnerability in BigAnt Server 2.97 SP7 via the DUPF command, allowing directory traversal and remote code execution through WMI.

Classification

Working Poc 100%

Attack Type

Rce

Complexity

Moderate

Reliability

Reliable

Target: BigAnt Server 2.97 SP7

No auth needed

Prerequisites: Network access to BigAnt Server on port 6661 · Windows XP/2003 target with WMI service

MITRE ATT&CK

T1105 - Ingress Tool Transfer T1047 - Windows Management Instrumentation

devstral-2 · analyzed Feb 19, 2026 Full analysis →

References (1)

Core 1

Core References

US Government Resource third-party-advisory x_refsource_cert-vn

http://www.kb.cert.org/vuls/id/990652

Scores

EPSS 0.4687

EPSS Percentile 98.7%

Details

CWE

CWE-287

Status published

Products (1)

bigantsoft/bigant_im_message_server

Published Feb 24, 2013

Tracked Since Feb 18, 2026