EIP-2026-117637

PRE-CVE

MP3 CD Converter Professional 5.3.0 - Universal DEP Bypass

Title source: legacy

Exploitation Summary

EIP tracks 1 public exploit for EIP-2026-117637. PoCs published by C4SS!0 G0M3S.

AI-analyzed exploit summary This exploit leverages a buffer overflow in MP3 CD Converter Professional 5.3.0 to bypass DEP via ROP and execute arbitrary shellcode (calc.exe). The ROP chain manipulates registers to call VirtualProtect and mark memory as executable.

Description

MP3 CD Converter Professional 5.3.0 - Universal DEP Bypass

Exploits (1)

exploitdb WORKING POC VERIFIED

by C4SS!0 G0M3S · pythonlocalwindows

https://www.exploit-db.com/exploits/17654

View Code ZIP pw:eip

This exploit leverages a buffer overflow in MP3 CD Converter Professional 5.3.0 to bypass DEP via ROP and execute arbitrary shellcode (calc.exe). The ROP chain manipulates registers to call VirtualProtect and mark memory as executable.

Classification

Working Poc 95%

Attack Type

Rce

Complexity

Complex

Reliability

Reliable

Target: MP3 CD Converter Professional 5.3.0

No auth needed

Prerequisites: Victim must open the malicious .pls file

MITRE ATT&CK

T1068 - Exploitation for Privilege Escalation T1203 - Exploitation for Client Execution

devstral-2 · analyzed Feb 19, 2026 Full analysis →

Details

Status pre_cve

Tracked Since Feb 18, 2026