EIP-2026-118665

PRE-CVE

IBM EGatherer 2.0 - ActiveX Control Dangerous Method

Title source: legacy

Exploitation Summary

EIP tracks 1 public exploit for EIP-2026-118665. PoCs published by eEye Digital Security Team.

AI-analyzed exploit summary The exploit demonstrates how the IBM eGatherer ActiveX control's `SetDebugging` method can be abused to silently install a malicious executable via a crafted HTML page. The example shows two HTML snippets that leverage the ActiveX control to write an HTA file, which could be used to execute arbitrary code.

Description

IBM EGatherer 2.0 - ActiveX Control Dangerous Method

Exploits (1)

exploitdb WORKING POC VERIFIED

by eEye Digital Security Team · htmlremotewindows

https://www.exploit-db.com/exploits/24220

View Code ZIP pw:eip

The exploit demonstrates how the IBM eGatherer ActiveX control's `SetDebugging` method can be abused to silently install a malicious executable via a crafted HTML page. The example shows two HTML snippets that leverage the ActiveX control to write an HTA file, which could be used to execute arbitrary code.

Classification

Working Poc 90%

Attack Type

Rce

Complexity

Trivial

Reliability

Reliable

Target: IBM eGatherer ActiveX control (CLSID: 74FFE28D-2378-11D5-990C-006094235084)

No auth needed

Prerequisites: Victim must have the vulnerable IBM eGatherer ActiveX control installed · Victim must visit a malicious webpage hosting the exploit

MITRE ATT&CK

T1189 - Drive-by Compromise T1218.002 - Control Panel

devstral-2 · analyzed Feb 16, 2026 Full analysis →

Details

Status pre_cve

Tracked Since Feb 18, 2026