EIP-2026-117521

Exploitation Summary

EIP tracks 1 public exploit for EIP-2026-117521. PoCs published by Metasploit.

AI-analyzed exploit summary This Metasploit module exploits a vulnerability in Microsoft Windows Contact File Format by crafting a malicious .contact file that references an executable instead of a URL, leading to arbitrary code execution when the user clicks the link. The exploit generates a ZIP archive containing both the malicious .contact file and the payload executable.

Description

Microsoft Windows - Contact File Format Arbitary Code Execution (Metasploit)

Exploits (1)

exploitdb WORKING POC VERIFIED

by Metasploit · rubylocalwindows

https://www.exploit-db.com/exploits/46692

View Code ZIP pw:eip

This Metasploit module exploits a vulnerability in Microsoft Windows Contact File Format by crafting a malicious .contact file that references an executable instead of a URL, leading to arbitrary code execution when the user clicks the link. The exploit generates a ZIP archive containing both the malicious .contact file and the payload executable.

Classification

Working Poc 95%

Attack Type

Rce

Complexity

Moderate

Reliability

Reliable

Target: Microsoft Windows (Contact File Format)

No auth needed

Prerequisites: User interaction (opening the malicious file) · Payload executable generation

MITRE ATT&CK

T1204 - User Execution T1059 - Command and Scripting Interpreter

devstral-2 · analyzed Feb 19, 2026 Full analysis →

Microsoft Windows - Contact File Format Arbitary Code Execution (Metasploit)

Exploitation Summary

Description

Exploits (1)

Details