EIP-2026-119332

PRE-CVE

Zenturi ProgramChecker - ActiveX Multiple Insecure Methods

Title source: legacy

Exploitation Summary

EIP tracks 1 public exploit for EIP-2026-119332. PoCs published by shinnai.

AI-analyzed exploit summary This exploit demonstrates insecure methods in the Zenturi ProgramChecker ActiveX control, allowing arbitrary file deletion via the DeleteItem and QuarantineItem methods. It targets the system.ini file, which can render the system unbootable if deleted.

Description

Zenturi ProgramChecker - ActiveX Multiple Insecure Methods

Exploits (1)

exploitdb WORKING POC VERIFIED

by shinnai · htmlremotewindows

https://www.exploit-db.com/exploits/4049

View Code ZIP pw:eip

This exploit demonstrates insecure methods in the Zenturi ProgramChecker ActiveX control, allowing arbitrary file deletion via the DeleteItem and QuarantineItem methods. It targets the system.ini file, which can render the system unbootable if deleted.

Classification

Working Poc 95%

Attack Type

Other

Complexity

Trivial

Reliability

Reliable

Target: Zenturi ProgramChecker ActiveX Control (clsid:41A5D8DB-EA47-4DE9-B249-1F55738FEA20)

No auth needed

Prerequisites: ActiveX control must be installed and enabled in Internet Explorer

MITRE ATT&CK

T1221 - Template Injection

devstral-2 · analyzed Feb 18, 2026 Full analysis →

Details

Status pre_cve

Tracked Since Feb 18, 2026