This module allows remote attackers to place arbitrary files on a temporary folder in the AdminStudio LaunchHelp.dll ActiveX Control (LaunchHelp.dll 9.5.0.0). Code execution can be achieved by first uploading a vbs file, the vbs script request an exe file and execute it. This module runs a web server waiting for vulnerable clients (Internet Explorer 7 or 8) to connect to it. When the client connects, it will try to install an agent by exploiting this vulnerability.
CVE Link
Exploit Platform
Exploit Type
Product Name