What is CVE-2009-20011?

CVE-2009-20011 is a vulnerability in Contentkeeper Technologies Web Appliance, classified under Unrestricted Upload of File with Dangerous Type. Published 2025-08-30.

Is CVE-2009-20011 known to be exploited?

2 public proof-of-concept repositories are indexed. Not currently listed in the CISA KEV catalog.

RCE in Contentkeeper Technologies Web Appliance

CVE-2009-20011

ContentKeeper Web Appliance (now maintained by Impero Software) versions prior to 125.10 are vulnerable to remote command execution due to insecure handling of file uploads via the mimencode CGI utility. The vulnerability allows unauthenti…

Vulnerability class: Unrestricted File Upload

EPSS: 0.641 (98.5th percentile) — read the EPSS interpretation.

Affected products

Contentkeeper Technologies Web Appliance — versions 0

Weakness classification (CWE)

Public proof-of-concept exploits

References

raw.githubusercontent.com/rapid7/metasploit-framework/master/modules/exploits/u… (exploit)
www.aushack.com/200904-contentkeeper.txt (exploit)
www.ativion.com/contentkeeper/ (product, patch)
web.archive.org/web/20081220084819/http://www.contentkeeper.com/ (product)
www.vulncheck.com/advisories/contentkeeper-web-appliance-rce-via-mimencode (third-party-advisory)

Frequently asked questions

What is CVE-2009-20011?: CVE-2009-20011 is a vulnerability in Contentkeeper Technologies Web Appliance, classified under Unrestricted Upload of File with Dangerous Type. Published 2025-08-30.
Is CVE-2009-20011 known to be exploited?: 2 public proof-of-concept repositories are indexed. Not currently listed in the CISA KEV catalog.