CVE-2009-2367
published 2009-07-08


Priority: P2 · 63
Severity: critical 9.8 (CVSS 3.1)
Vector: AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
Exploit: yes (EXPLOIT badge)
EPSS: 23.20% (97.5th percentile)
cgi-bin/makecgi-pro in Iomega StorCenter Pro generates predictable session IDs, which allows remote attackers to hijack active sessions and gain privileges via brute force guessing attacks on the session_id parameter.

Detection & IOCs (extracted from sources)

path: cgi-bin/makecgi-pro
other: session_id
  • Monitor for rapid sequential or incremental requests to cgi-bin/makecgi-pro with varying session_id parameter values, indicative of brute-force session ID enumeration.
  • Alert on high-volume requests targeting the session_id parameter of cgi-bin/makecgi-pro from a single source IP, as the session IDs are predictable/sequential and susceptible to enumeration.
  • Session IDs are incremented sequentially rather than generated randomly, making brute-force trivial. Any deployment of Iomega StorCenter Pro NAS with the web interface exposed should be treated as unauthenticated-accessible.
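A minimal detector for the pattern the bullets above describe, added here as an example and not taken from the page's sources: it parses constructed access-log lines (assumed Common Log Format), groups makecgi-pro requests by client IP, and flags any IP that presents several distinct session_id values, noting when those values are consecutive integers. The request path, log format and threshold are assumptions.

```python
import re
from collections import defaultdict
from urllib.parse import urlsplit, parse_qs

TARGET_PATH = "/cgi-bin/makecgi-pro"   # assumed: request path as seen in the logs
DISTINCT_THRESHOLD = 3                 # assumed tuning value; raise for busy NAS units

# Constructed sample access-log lines (not real traffic): 10.0.0.5 walks
# session_id values one by one, 10.0.0.9 reuses a single id normally.
SAMPLE_LOG = """\
10.0.0.5 - - [08/Jul/2009:10:00:01 +0000] "GET /cgi-bin/makecgi-pro?session_id=1001 HTTP/1.1" 403 512
10.0.0.5 - - [08/Jul/2009:10:00:01 +0000] "GET /cgi-bin/makecgi-pro?session_id=1002 HTTP/1.1" 403 512
10.0.0.5 - - [08/Jul/2009:10:00:02 +0000] "GET /cgi-bin/makecgi-pro?session_id=1003 HTTP/1.1" 403 512
10.0.0.5 - - [08/Jul/2009:10:00:02 +0000] "GET /cgi-bin/makecgi-pro?session_id=1004 HTTP/1.1" 200 2048
10.0.0.9 - - [08/Jul/2009:10:00:03 +0000] "GET /cgi-bin/makecgi-pro?session_id=2210 HTTP/1.1" 200 2048
10.0.0.9 - - [08/Jul/2009:10:00:09 +0000] "GET /index.html HTTP/1.1" 200 1024
"""

# Common Log Format prefix: client IP, ident, user, [timestamp], "METHOD URL PROTO"
LINE_RE = re.compile(r'^(?P<ip>\S+) \S+ \S+ \[[^\]]+\] "[A-Z]+ (?P<url>\S+) [^"]*"')

def parse_line(line):
    """Return (client_ip, session_id) for a makecgi-pro request, else None."""
    m = LINE_RE.match(line)
    if not m:
        return None
    parts = urlsplit(m.group("url"))
    if parts.path != TARGET_PATH:
        return None
    sid = parse_qs(parts.query).get("session_id")
    return (m.group("ip"), sid[0]) if sid else None

def is_sequential(values):
    """True when the ids are consecutive integers: the incrementing-ID walk."""
    try:
        nums = sorted(int(v) for v in values)
    except ValueError:
        return False
    return len(nums) >= 2 and all(b - a == 1 for a, b in zip(nums, nums[1:]))

def detect_session_enumeration(log_text, threshold=DISTINCT_THRESHOLD):
    """Map each client IP that presented >= threshold distinct session_id
    values to a finding; 'sequential' marks a clean consecutive walk."""
    seen = defaultdict(list)          # ip -> distinct session_id values, in order seen
    for line in log_text.splitlines():
        parsed = parse_line(line)
        if parsed and parsed[1] not in seen[parsed[0]]:
            seen[parsed[0]].append(parsed[1])
    return {ip: {"distinct_ids": len(ids), "sequential": is_sequential(ids)}
            for ip, ids in seen.items() if len(ids) >= threshold}
```

On the sample above only 10.0.0.5 is reported, with four distinct ids forming a consecutive run; the second bullet's "high volume from a single source" check is the same grouping with a higher threshold and a time window added.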

CVSS provenance

nvd · v3.1 · 9.8 CRITICAL · CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
nvd · v2.0 · 7.5 HIGH · AV:N/AC:L/Au:N/C:P/I:P/A:P