EIP-2026-119176

Exploitation Summary

EIP tracks 1 public exploit for EIP-2026-119176. PoCs published by Nine:Situations:Group.

AI-analyzed exploit summary This exploit leverages an insecure method (PackageFiles) in the SupportSoft DNA Editor ActiveX control (dnaedit.dll v6.9.2205) to achieve remote code execution via script injection and directory traversal. The PoC injects VBScript into a system file (msinfo.htm) and triggers execution via the Help and Support Center Service.

Description

SupportSoft DNA Editor Module - 'dnaedit.dll' Code Execution

Exploits (1)

exploitdb WORKING POC VERIFIED

by Nine:Situations:Group · htmlremotewindows

https://www.exploit-db.com/exploits/8160

View Code ZIP pw:eip

This exploit leverages an insecure method (PackageFiles) in the SupportSoft DNA Editor ActiveX control (dnaedit.dll v6.9.2205) to achieve remote code execution via script injection and directory traversal. The PoC injects VBScript into a system file (msinfo.htm) and triggers execution via the Help and Support Center Service.

Classification

Working Poc 95%

Attack Type

Rce

Complexity

Moderate

Reliability

Reliable

Target: SupportSoft DNA Editor Module (dnaedit.dll v6.9.2205)

No auth needed

Prerequisites: Victim must use IE6/7 with the vulnerable ActiveX control installed · ActiveX control must be marked as safe for scripting

MITRE ATT&CK

T1189 - Drive-by Compromise T1203 - Exploitation for Client Execution

devstral-2 · analyzed Feb 18, 2026 Full analysis →

SupportSoft DNA Editor Module - 'dnaedit.dll' Code Execution

Exploitation Summary

Description

Exploits (1)

Details