CVE-2019-9017

HIGH

SolarWinds DameWare Mini Remote Control 10.0 - Buffer Overflow via Machine Name Size Field

Title source: llm
STIX 2.1

Exploitation Summary

EIP tracks 1 public exploit for CVE-2019-9017. PoCs published by Dino Barlattani.

AI-analyzed exploit summary This VBScript PoC exploits a buffer overflow vulnerability in Dameware Mini Remote Control by passing an oversized buffer to the machine host name parameter. The script automates the execution of DWRCC.exe with a malformed argument to trigger the vulnerability.

Description

DWRCC in SolarWinds DameWare Mini Remote Control 10.0 x64 has a Buffer Overflow associated with the size field for the machine name.

Exploits (1)

exploitdb WORKING POC
by Dino Barlattani · textdoswindows
https://www.exploit-db.com/exploits/46793

This VBScript PoC exploits a buffer overflow vulnerability in Dameware Mini Remote Control by passing an oversized buffer to the machine host name parameter. The script automates the execution of DWRCC.exe with a malformed argument to trigger the vulnerability.

Classification
Working Poc 90%
Attack Type
Dos
Complexity
Trivial
Reliability
Reliable
Target: SolarWinds Dameware Mini Remote Control 10.0 x64
No auth needed
Prerequisites: Dameware Mini Remote Control 10.0 x64 installed on Windows · Local execution access
devstral-2 · analyzed Feb 16, 2026 Full analysis →

References (3)

Core 3
Core References
Exploit, Third Party Advisory x_refsource_misc
http://www.binaryworld.it/guidepoc.asp
Exploit, Third Party Advisory, VDB Entry exploit x_refsource_exploit-db
https://www.exploit-db.com/exploits/46793/

Scores

CVSS v3 7.5
EPSS 0.2059
EPSS Percentile 97.2%
Attack Vector NETWORK
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

Details

CWE
CWE-787
Status published
Products (1)
solarwinds/dameware_mini_remote_control 10.0
Published May 02, 2019
Tracked Since Feb 18, 2026