EIP-2026-117335

PRE-CVE

Internet Download Manager 6.25 Build 14 - 'Find file' Unicode (SEH)

Title source: legacy

Exploitation Summary

EIP tracks 1 public exploit for EIP-2026-117335. PoCs published by Rakan Alotaibi.

AI-analyzed exploit summary This exploit targets a Unicode SEH buffer overflow in Internet Download Manager 6.25 Build 14 via the 'Find file' textbox. It uses an egghunter and shellcode to achieve remote code execution.

Description

Internet Download Manager 6.25 Build 14 - 'Find file' Unicode (SEH)

Exploits (1)

exploitdb WORKING POC VERIFIED

by Rakan Alotaibi · pythonlocalwindows

https://www.exploit-db.com/exploits/39579

View Code ZIP pw:eip

This exploit targets a Unicode SEH buffer overflow in Internet Download Manager 6.25 Build 14 via the 'Find file' textbox. It uses an egghunter and shellcode to achieve remote code execution.

Classification

Working Poc 95%

Attack Type

Rce

Complexity

Moderate

Reliability

Reliable

Target: Internet Download Manager 6.25 Build 14

No auth needed

Prerequisites: Internet Download Manager 6.25 Build 14 installed on Windows 7 SP1 x86 · User interaction to paste exploit string into 'Find file' textbox

MITRE ATT&CK

T1203 - Exploitation for Client Execution T1059 - Command and Scripting Interpreter

devstral-2 · analyzed Feb 16, 2026 Full analysis →

Details

Status pre_cve

Tracked Since Feb 18, 2026