EIP-2026-101330

PRE-CVE

IPUX CL5452/CL5132 IP Camera - 'UltraSVCamX.ocx' ActiveX Stack Buffer Overflow

Title source: legacy

Exploitation Summary

EIP tracks 1 public exploit for EIP-2026-101330. PoCs published by LiquidWorm.

AI-analyzed exploit summary The exploit demonstrates a stack buffer overflow in the UltraSVCamX.ocx ActiveX control, allowing arbitrary code execution via crafted input to vulnerable properties like RemoteHost, AccountCode, SnapFileName, and OpenFolder. The PoC triggers memory corruption by sending oversized strings to these properties.

Description

IPUX CL5452/CL5132 IP Camera - 'UltraSVCamX.ocx' ActiveX Stack Buffer Overflow

Exploits (1)

exploitdb WORKING POC

by LiquidWorm · textremotehardware

https://www.exploit-db.com/exploits/35421

View Code ZIP pw:eip

The exploit demonstrates a stack buffer overflow in the UltraSVCamX.ocx ActiveX control, allowing arbitrary code execution via crafted input to vulnerable properties like RemoteHost, AccountCode, SnapFileName, and OpenFolder. The PoC triggers memory corruption by sending oversized strings to these properties.

Classification

Working Poc 95%

Attack Type

Rce

Complexity

Trivial

Reliability

Reliable

Target: UltraSVCamX.ocx (versions 1.0.53.34 and 1.0.53.33)

No auth needed

Prerequisites: Victim must visit a malicious webpage hosting the exploit · ActiveX control must be installed and enabled

MITRE ATT&CK

T1189 - Drive-by Compromise T1203 - Exploitation for Client Execution

devstral-2 · analyzed Feb 16, 2026 Full analysis →

Details

Status pre_cve

Tracked Since Feb 18, 2026