What is CVE-2012-10041?

CVE-2012-10041 is a vulnerability in Wan Emulator, classified under OS Command Injection. Published 2025-08-08.

Is CVE-2012-10041 known to be exploited?

3 public proof-of-concept repositories are indexed. Not currently listed in the CISA KEV catalog.

RCE in Wan Emulator

CVE-2012-10041

WAN Emulator v2.3 contains two unauthenticated command execution vulnerabilities. The result.php script calls shell_exec() with unsanitized input from the pc POST parameter, allowing remote attackers to execute arbitrary commands as the ww…

Vulnerability class: Command Injection (OS Command Injection)

EPSS: 0.742 (98.9th percentile) — read the EPSS interpretation.

Affected products

Wan Emulator — versions 2.3

Weakness classification (CWE)

CWE-78 — OS Command Injection

Public proof-of-concept exploits

References

raw.githubusercontent.com/rapid7/metasploit-framework/master/modules/exploits/l… (exploit)
www.exploit-db.com/exploits/21190 (exploit)
sourceforge.net/projects/wanem/ (product)
www.vulncheck.com/advisories/wan-emulator-command-execution (third-party-advisory)

Frequently asked questions

What is CVE-2012-10041?: CVE-2012-10041 is a vulnerability in Wan Emulator, classified under OS Command Injection. Published 2025-08-08.
Is CVE-2012-10041 known to be exploited?: 3 public proof-of-concept repositories are indexed. Not currently listed in the CISA KEV catalog.