CVE-2015-0555

Samsung iPOLiS Device Manager 1.12.2 - Remote Code Execution via ReadConfigValue or WriteConfigValue Function

Exploitation Summary

EIP tracks 2 public exploits for CVE-2015-0555. PoCs published by Praveen Darshanam.

AI-analyzed exploit summary: This exploit targets the buffer overflow in Samsung iPOLiS 1.12.2 via the ReadConfigValue method of an ActiveX control. It combines heap spraying with shellcode execution to achieve remote code execution on vulnerable systems.

Description

Buffer overflow in the XnsSdkDeviceIpInstaller.ocx ActiveX control in Samsung iPOLiS Device Manager 1.12.2 allows remote attackers to execute arbitrary code via a long string in the first argument to the (1) ReadConfigValue or (2) WriteConfigValue function.

Exploits (2)

exploitdb WORKING POC
by Praveen Darshanam · html · remote · windows
https://www.exploit-db.com/exploits/36756

This exploit targets the buffer overflow in Samsung iPOLiS 1.12.2 via the ReadConfigValue method of an ActiveX control. It combines heap spraying with shellcode execution to achieve remote code execution on vulnerable systems.

Classification: Working PoC 95%
Attack Type: RCE
Complexity: Moderate
Reliability: Reliable
Target: Samsung iPOLiS 1.12.2
No auth needed
Prerequisites: Victim must visit a malicious webpage using Internet Explorer 6/7 on Windows XP SP3 · ActiveX control must be enabled
devstral-2 · analyzed Feb 16, 2026

exploitdb WORKING POC
by Praveen Darshanam · html · dos · windows
https://www.exploit-db.com/exploits/36152

This is a working proof-of-concept exploit for CVE-2015-0555, targeting a buffer overflow vulnerability in Samsung iPOLiS XnsSdkDeviceIpInstaller ActiveX control. The exploit triggers a stack-based buffer overflow via the WriteConfigValue method, leading to an ACCESS_VIOLATION and potential remote code execution.

Classification: Working PoC 100%
Attack Type: RCE
Complexity: Trivial
Reliability: Reliable
Target: Samsung iPOLiS Device Manager 1.12.2
No auth needed
Prerequisites: Victim must have Samsung iPOLiS Device Manager 1.12.2 installed · Victim must visit a malicious webpage hosting the exploit
devstral-2 · analyzed Feb 16, 2026

Scores

EPSS 0.0639
EPSS Percentile 92.8%

Details

CWE: CWE-119
Status: published
Products (1): samsung/ipolis_device_manager 1.12.2
Published: Feb 24, 2015
Tracked Since: Feb 18, 2026