EIP-2026-119064

Exploitation Summary

EIP tracks 1 public exploit for EIP-2026-119064. PoCs published by rgod.

AI-analyzed exploit summary This exploit leverages an unsafe ActiveX control in Quest vWorkspace 7.5 to arbitrarily create or overwrite files on the target system via the SaveMiniLaunchFile() method. The PoC demonstrates file creation at c:\windows\win.ini without requiring user interaction beyond executing the script.

Description

Quest vWorkspace 7.5 Connection Broker Client - ActiveX Control 'pnllmcli.dll 7.5.304.547' SaveMiniLaunchFile() Method Remote File Creation / Overwrite

Exploits (1)

exploitdb WORKING POC VERIFIED

by rgod · textremotewindows

https://www.exploit-db.com/exploits/18704

View Code ZIP pw:eip

This exploit leverages an unsafe ActiveX control in Quest vWorkspace 7.5 to arbitrarily create or overwrite files on the target system via the SaveMiniLaunchFile() method. The PoC demonstrates file creation at c:\windows\win.ini without requiring user interaction beyond executing the script.

Classification

Working Poc 90%

Attack Type

Other

Complexity

Trivial

Reliability

Reliable

Target: Quest vWorkspace 7.5 Connection Broker Client (pnllmcli.dll 7.5.304.547)

No auth needed

Prerequisites: ActiveX control must be registered and marked as safe for scripting/initialization · Target must visit a malicious webpage or open the HTML file

MITRE ATT&CK

T1218 - System Binary Proxy Execution

devstral-2 · analyzed Feb 16, 2026 Full analysis →

Quest vWorkspace 7.5 Connection Broker Client - ActiveX Control 'pnllmcli.dll 7.5.304.547' SaveMiniLaunchFile() Method Remote File Creation / Overwrite

Exploitation Summary

Description

Exploits (1)

Details