What is CVE-2009-0545?

CVE-2009-0545 is a vulnerability in N/a. Published 2009-02-12.

Is CVE-2009-0545 known to be exploited?

7 public proof-of-concept repositories are indexed. Not currently listed in the CISA KEV catalog.

Vulnerability in N/a

CVE-2009-0545

cgi-bin/kerbynet in ZeroShell 1.0beta11 and earlier allows remote attackers to execute arbitrary commands via shell metacharacters in the type parameter in a NoAuthREQ x509List action.

EPSS: 0.935 (99.8th percentile) — read the EPSS interpretation.

Affected products

N/a — versions n/a

Public proof-of-concept exploits

rapid7/metasploit-framework
20142995/nuclei-templates
ARPSyndicate/cve-scores
ARPSyndicate/kenzer-templates
Elsfa7-110/kenzer-templates
d4n-sec/d4n-sec.github.io
gnarkill78/CSA_

References

20090209 ZeroShell <= 1.0beta11 Remote Code Execution (mailing-list, x_refsource_BUGTRAQ)
www.zeroshell.net/eng/announcements/ (x_refsource_MISC)
8023 (exploit, x_refsource_EXPLOIT-DB)
www.ikkisoft.com/stuff/LC-2009-01.txt (x_refsource_MISC)
ADV-2009-0385 (vdb-entry, x_refsource_VUPEN)
www.zeroshell.net/eng/patch-details/ (x_refsource_MISC)

Frequently asked questions

What is CVE-2009-0545?: CVE-2009-0545 is a vulnerability in N/a. Published 2009-02-12.
Is CVE-2009-0545 known to be exploited?: 7 public proof-of-concept repositories are indexed. Not currently listed in the CISA KEV catalog.