CVE-2015-2094

WebGate WinRDS - Stack-Based Buffer Overflow in WESPPlaybackCtrl

Title source: llm
STIX 2.1

Exploitation Summary

EIP tracks 2 public exploits for CVE-2015-2094. PoCs published by Praveen Darshanam.

AI-analyzed exploit summary This is a stack-based buffer overflow exploit targeting WebGate WinRDS PlaySiteAllChannel via a maliciously crafted HTML file. It leverages a vulnerable ActiveX control to achieve remote code execution by overwriting SEH and executing shellcode.

Description

Stack-based buffer overflow in the WESPPlayback.WESPPlaybackCtrl.1 control in WebGate WinRDS allows remote attackers to execute arbitrary code via unspecified vectors to the (1) PrintSiteImage, (2) PlaySiteAllChannel, (3) StopSiteAllChannel, or (4) SaveSiteImage function.

Exploits (2)

exploitdb WORKING POC
by Praveen Darshanam · htmlremotewindows
https://www.exploit-db.com/exploits/36604

This is a stack-based buffer overflow exploit targeting WebGate WinRDS PlaySiteAllChannel via a maliciously crafted HTML file. It leverages a vulnerable ActiveX control to achieve remote code execution by overwriting SEH and executing shellcode.

Classification
Working Poc 95%
Attack Type
Rce
Complexity
Moderate
Reliability
Reliable
Target: WebGate WinRDS (WESPPlayback.dll)
No auth needed
Prerequisites: Victim must open the malicious HTML file in a vulnerable browser (IE6/7/8) · Target system must have the vulnerable WebGate WinRDS software installed
devstral-2 · analyzed Feb 16, 2026 Full analysis →
exploitdb WORKING POC
by Praveen Darshanam · htmlremotewindows
https://www.exploit-db.com/exploits/36517

This exploit targets a stack-based buffer overflow in WebGate WinRDS 2.0.8 via the WESPPlayback.WESPPlaybackCtrl.1 ActiveX control. It leverages SEH overwrite with a NOP sled and shellcode to achieve remote code execution.

Classification
Working Poc 95%
Attack Type
Rce
Complexity
Moderate
Reliability
Reliable
Target: WebGate WinRDS 2.0.8
No auth needed
Prerequisites: Victim must visit a malicious webpage using Internet Explorer 6/7/8 on Windows XP SP3 · WebGate WinRDS 2.0.8 must be installed
devstral-2 · analyzed Feb 16, 2026 Full analysis →

References (11)

Core 11
Core References
Third Party Advisory, VDB Entry vdb-entry x_refsource_bid
http://www.securityfocus.com/bid/72841
Third Party Advisory x_refsource_misc
http://www.zerodayinitiative.com/advisories/ZDI-15-071/
Third Party Advisory, VDB Entry vdb-entry x_refsource_osvdb
http://www.osvdb.org/118905
Third Party Advisory x_refsource_misc
http://www.zerodayinitiative.com/advisories/ZDI-15-074/
Third Party Advisory, VDB Entry vdb-entry x_refsource_osvdb
http://www.osvdb.org/118906
Third Party Advisory, VDB Entry vdb-entry x_refsource_osvdb
http://www.osvdb.org/118907
Third Party Advisory x_refsource_misc
http://www.zerodayinitiative.com/advisories/ZDI-15-073/
Exploit, Third Party Advisory exploit x_refsource_exploit-db
https://www.exploit-db.com/exploits/36517/
Third Party Advisory, VDB Entry vdb-entry x_refsource_osvdb
http://www.osvdb.org/118908
Third Party Advisory x_refsource_misc
http://www.zerodayinitiative.com/advisories/ZDI-15-072/

Scores

EPSS 0.1411
EPSS Percentile 96.1%

Details

CWE
CWE-119
Status published
Products (1)
webgateinc/winrds
Published Mar 09, 2015
Tracked Since Feb 18, 2026