EIP-2026-116217

PRE-CVE

SAP GUI 6.4 - ActiveX (Accept) Remote Buffer Overflow (PoC)

Title source: legacy

Exploitation Summary

EIP tracks 1 public exploit for EIP-2026-116217. PoCs published by DSecRG.

AI-analyzed exploit summary The exploit demonstrates a buffer overflow vulnerability in the SAPIrRfc ActiveX component of SAP GUI for Windows 6.4. It includes a functional HTML-based PoC that triggers a DoS or potential RCE via the 'Accept' method with an overly long argument.

Description

SAP GUI 6.4 - ActiveX (Accept) Remote Buffer Overflow (PoC)

Exploits (1)

exploitdb WORKING POC VERIFIED

by DSecRG · textdoswindows

https://www.exploit-db.com/exploits/8899

View Code ZIP pw:eip

The exploit demonstrates a buffer overflow vulnerability in the SAPIrRfc ActiveX component of SAP GUI for Windows 6.4. It includes a functional HTML-based PoC that triggers a DoS or potential RCE via the 'Accept' method with an overly long argument.

Classification

Working Poc 95%

Attack Type

Rce

Complexity

Trivial

Reliability

Reliable

Target: SAP GUI for Windows 6.4

No auth needed

Prerequisites: Victim must visit a malicious webpage hosting the exploit · SAP GUI for Windows 6.4 with vulnerable ActiveX component installed

MITRE ATT&CK

T1189 - Drive-by Compromise T1203 - Exploitation for Client Execution

devstral-2 · analyzed Feb 18, 2026 Full analysis →

Details

Status pre_cve

Tracked Since Feb 18, 2026