Exploit-DB
[webapps] SumatraPDF 3.5.2 - Remote Code Execution
ATT&CK techniques detected
T1204.002Malicious File
90%
“##name ) : print ( " [! ] generating dummy payload ( would open calc. exe in real attack )... " ) with open ( payload _ filename, " wb " ) as f : f. write ( b " mz " + b " \ x90 " * 200 + b " fake payload - replace with real shellcode " ) @ app. route ( " / update - check - rel. …”
Which technique(s) should be tagged here? Pick zero or more — leaving blank just records that the original was wrong.
No matches for .
Loading techniques…
T1203Exploitation for Client Execution
49%
“[ webapps ] sumatrapdf 3. 5. 2 - remote code execution sumatrapdf 3. 5. 2 - remote code execution # exploit title : sumatrapdf 3. 5. 2 - remote code execution # date : 2026 - 02 - 10 # exploit author : mohammed i. banyamer # vendor homepage : https : / / www. sumatrapdfreader. or…”
Which technique(s) should be tagged here? Pick zero or more — leaving blank just records that the original was wrong.
No matches for .
Loading techniques…
T1071.001Web Protocols
42%
“= = = = = = = = = = = = = = = = = = = " ) print ( " [ * ] listening on http : / / 0. 0. 0. 0 : 5000 " ) print ( " [ * ] point victim traffic to this host for update - check - rel. txt " ) print ( " = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = …”
Which technique(s) should be tagged here? Pick zero or more — leaving blank just records that the original was wrong.
No matches for .
Loading techniques…
T1204.002Malicious File
36%
“[ webapps ] sumatrapdf 3. 5. 2 - remote code execution sumatrapdf 3. 5. 2 - remote code execution # exploit title : sumatrapdf 3. 5. 2 - remote code execution # date : 2026 - 02 - 10 # exploit author : mohammed i. banyamer # vendor homepage : https : / / www. sumatrapdfreader. or…”
Which technique(s) should be tagged here? Pick zero or more — leaving blank just records that the original was wrong.
No matches for .
Loading techniques…
Summary
SumatraPDF 3.5.2 - Remote Code Execution