EIP-2026-119005

PRE-CVE

Oracle AutoVue 20.0.1 - 'AutoVueX.ocx' ActiveX Control 'ExportEdaBom()' Insecure Method

Title source: legacy

Exploitation Summary

EIP tracks 1 public exploit for EIP-2026-119005. PoCs published by rgod.

AI-analyzed exploit summary: This exploit leverages an insecure method in the Oracle AutoVue AutoVueX ActiveX control to create or overwrite arbitrary files, leading to remote code execution. The PoC uses the ExportEdaBom method to write a malicious HTA file to the Startup folder, which executes when the system starts.

Description

Oracle AutoVue 20.0.1 - 'AutoVueX.ocx' ActiveX Control 'ExportEdaBom()' Insecure Method

Exploits (1)

exploitdb · WORKING POC · VERIFIED
by rgod · html · remote · windows
https://www.exploit-db.com/exploits/36250

Classification: Working PoC 95%
Attack Type: RCE
Complexity: Trivial
Reliability: Reliable
Target: Oracle AutoVue 20.0.1
No auth needed
Prerequisites: Victim must visit a malicious webpage or open a malicious HTML file · ActiveX control must be installed and enabled
devstral-2 · analyzed Feb 18, 2026

Details

Status: pre_cve
Tracked Since: Feb 18, 2026