Public exploit available

Public proof-of-concept or exploit code exists (ExploitDB / Metasploit / Nuclei).

CVE-2009-4487 — F5 Nginx vulnerability

9 documents9 sources

Severity

6.8MEDIUMNVD

EPSS

2.2%

top 15.44%

CISA KEV

Not in KEV

Exploit

PoC available

Public exploit / PoC exists

Affected products

F5 Nginx

Timeline

PublishedJan 13

Latest updateMay 2

Description

nginx 0.7.64 writes data to a log file without sanitizing non-printable characters, which might allow remote attackers to modify a window's title, or possibly execute arbitrary commands or overwrite files, via an HTTP request containing an escape sequence for a terminal emulator.

CVSS vector

AV:N/AC:M/C:P/I:P/A:PExploitability: 8.6 | Impact: 6.4

Affected Packages1 packages

▶NVDf5/nginx0.7.64

Patches

Patch: www.ush.it ↗Patch: www.ush.it ↗

🔴Vulnerability Details

GHSA

GHSA-94g9-mcw4-f749: nginx 0↗2022-05-02

▶

CVEList

CVE-2009-4487: nginx 0↗2010-01-13

▶

OSV

CVE-2009-4487: nginx 0↗2010-01-13

▶

💥Exploits & PoCs

Exploit-DB

Nginx 0.7.64 - Terminal Escape Sequence in Logs Command Injection↗2010-01-11

▶

📋Vendor Advisories

Microsoft

CVE-2009-4487: NIST NVD Details: https://nvd↗2020-11-10

▶

Red Hat

nginx: Absent sanitation of escape sequences in web server log↗2010-01-10

▶

Debian

CVE-2009-4487: nginx - nginx 0.7.64 writes data to a log file without sanitizing non-printable characte...↗2009

▶

💬Community

Bugzilla

CVE-2009-4487 nginx: Absent sanitation of escape sequences in web server log↗2010-02-08

▶