EIP-2026-118693

PRE-CVE

Internet Download Manager v6.41 Build 3 - Remote Code Execution (RCE)

Title source: legacy

Exploitation Summary

EIP tracks 1 public exploit for EIP-2026-118693. PoCs published by M. Akil Gündoğan.

AI-analyzed exploit summary This is a writeup describing a Remote Code Execution (RCE) vulnerability in Internet Download Manager v6.41 Build 3. The exploit involves a MITM attack to replace a legitimate CHM help file with a malicious one, which is then automatically executed by the software.

Description

Internet Download Manager v6.41 Build 3 - Remote Code Execution (RCE)

Exploits (1)

exploitdb WRITEUP

by M. Akil Gündoğan · textremotewindows

https://www.exploit-db.com/exploits/51131

View Code ZIP pw:eip

This is a writeup describing a Remote Code Execution (RCE) vulnerability in Internet Download Manager v6.41 Build 3. The exploit involves a MITM attack to replace a legitimate CHM help file with a malicious one, which is then automatically executed by the software.

Classification

Writeup 90%

Attack Type

Rce

Complexity

Moderate

Reliability

Reliable

Target: Internet Download Manager v6.41 Build 3

No auth needed

Prerequisites: Attacker and victim on the same local network · Victim has administrative privileges · MITM attack capability (e.g., Ettercap or Bettercap) · Malicious CHM file prepared

MITRE ATT&CK

T1189 - Drive-by Compromise T1078.004 - Cloud Accounts

devstral-2 · analyzed Feb 16, 2026 Full analysis →

Details

Status pre_cve

Tracked Since Feb 18, 2026