EIP-2026-119154

PRE-CVE

Softek Barcode Reader Toolkit ActiveX 7.1.4.14 - 'SoftekATL.dll' Remote Buffer Overflow

Title source: legacy

Exploitation Summary

EIP tracks 1 public exploit for EIP-2026-119154. PoCs published by LiquidWorm.

AI-analyzed exploit summary This is a proof-of-concept exploit for a heap-based buffer overflow in Softek Barcode Reader Toolkit ActiveX (SoftekATL.dll) via an overly long string assigned to the 'DebugTraceFile' property. The PoC demonstrates arbitrary memory corruption, potentially leading to remote code execution.

Description

Softek Barcode Reader Toolkit ActiveX 7.1.4.14 - 'SoftekATL.dll' Remote Buffer Overflow

Exploits (1)

exploitdb WORKING POC VERIFIED

by LiquidWorm · textremotewindows

https://www.exploit-db.com/exploits/15071

View Code ZIP pw:eip

This is a proof-of-concept exploit for a heap-based buffer overflow in Softek Barcode Reader Toolkit ActiveX (SoftekATL.dll) via an overly long string assigned to the 'DebugTraceFile' property. The PoC demonstrates arbitrary memory corruption, potentially leading to remote code execution.

Classification

Working Poc 95%

Attack Type

Rce

Complexity

Trivial

Reliability

Reliable

Target: Softek Barcode Reader Toolkit 7.1.4.14 (SoftekATL.dll)

No auth needed

Prerequisites: Target must have the vulnerable ActiveX control installed and enabled in Internet Explorer

MITRE ATT&CK

T1190 - Exploit Public-Facing Application T1203 - Exploitation for Client Execution

devstral-2 · analyzed Feb 16, 2026 Full analysis →

Details

Status pre_cve

Tracked Since Feb 18, 2026