CVE-2018-7756

CRITICAL

DEWESoft X3 SP1 - Unauthenticated Remote Code Execution via RunExeFile.exe TCP Port 1999

Title source: llm

Exploitation Summary

EIP tracks 1 public exploit for CVE-2018-7756. PoCs published by hyp3rlinx.

AI-analyzed exploit summary: The exploit demonstrates unauthenticated remote command execution via TCP port 1999 in DEWESoft X3 SP1's RunExeFile.exe. Commands like RUN, SETFIREWALL, and KILL can be executed without authentication, allowing arbitrary code execution.

Description

RunExeFile.exe in the installer for DEWESoft X3 SP1 (64-bit) devices does not require authentication for sessions on TCP port 1999, which allows remote attackers to execute arbitrary code or access internal commands, as demonstrated by a RUN command that launches a .EXE file located at an arbitrary external URL, or a "SETFIREWALL Off" command.

Exploits (1)

exploitdb · WORKING POC
by hyp3rlinx · text · remote · windows_x86-64
https://www.exploit-db.com/exploits/44275

Classification: Working PoC (100%)
Attack Type: RCE
Complexity: Trivial
Reliability: Reliable
Target: DEWESoft X3 SP1 (64-bit)
No auth needed
Prerequisites: Network access to TCP port 1999 · DEWESoft X3 SP1 installed on target
devstral-2 · analyzed Feb 16, 2026

References (2)

Core References
Exploit, Third Party Advisory, VDB Entry exploit x_refsource_exploit-db
https://www.exploit-db.com/exploits/44275/

Scores

CVSS v3 9.8
EPSS 0.6247
EPSS Percentile 99.1%
Attack Vector NETWORK
CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

Details

CWE CWE-94
Status published
Products (1)
dewesoft/dewesoft x3 sp1
Published Mar 15, 2018
Tracked Since Feb 18, 2026