CVE-2009-4644
published 2010-02-19CVE-2009-4644: Accellion Secure File Transfer Appliance before 8_0_105 allows remote authenticated administrators to bypass the restricted shell and execute arbitrary…
PriorityP345critical9CVSS 2.0
AVNACLAuSCCICAC
EPSS
2.41%
82.1th percentile
Accellion Secure File Transfer Appliance before 8_0_105 allows remote authenticated administrators to bypass the restricted shell and execute arbitrary commands via shell metacharacters to the ping command, as demonstrated by modifying the cli program.
Affected
5 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| accellion | secure_file_transfer_appliance | — | — |
| accellion | secure_file_transfer_appliance | — | — |
| accellion | secure_file_transfer_appliance | — | — |
| accellion | secure_file_transfer_appliance | — | — |
| accellion | secure_file_transfer_appliance | — | — |
Stop checking back — get the weekly exploitation signal.
Every Monday: what got weaponized or added to CISA KEV in the last seven days — each CVE cross-linked to its PoC, Nuclei template, and detection rule. Free, one email a week, unsubscribe in one click.
VulDB
Accellion Secure File Transfer Appliance 7 0 135 Ping Command os command injection (XFDB-56248 / BID-38176)
vuldb·2026-05-01·CVSS 9.0
CVE-2009-4644 [CRITICAL] Accellion Secure File Transfer Appliance 7 0 135 Ping Command os command injection (XFDB-56248 / BID-38176)
A vulnerability identified as critical has been detected in Accellion Secure File Transfer Appliance 7 0 135. The affected element is an unknown function of the component Ping Command. The manipulation leads to os command injection.
This vulnerability is listed as CVE-2009-4644. The attack may be initiated remotely. There is no available exploit.
You should upgrade the affected component.
GHSA
GHSA-w7r3-cc9h-pg34: Accellion Secure File Transfer Appliance before 8_0_105 allows remote authenticated administrators to bypass the restricted shell and execute arbitrar
ghsa_unreviewed·2022-05-02
CVE-2009-4644 [HIGH] CWE-78 GHSA-w7r3-cc9h-pg34: Accellion Secure File Transfer Appliance before 8_0_105 allows remote authenticated administrators to bypass the restricted shell and execute arbitrar
Accellion Secure File Transfer Appliance before 8_0_105 allows remote authenticated administrators to bypass the restricted shell and execute arbitrary commands via shell metacharacters to the ping command, as demonstrated by modifying the cli program.
No detection rules found.
No public exploits indexed.
No writeups or analysis indexed.
2010-02-19
Published