CVE-2013-6041
Published 2014-12-27
Priority P3 · 57 · high · CVSS 2.0: 7.5 (AV:N/AC:L/Au:N/C:P/I:P/A:P)
EXPLOIT
EPSS: 3.56% (87.9th percentile)
index.php in Softaculous Webuzo before 2.1.4 allows remote attackers to execute arbitrary commands via shell metacharacters in a SOFTCookies sid cookie within a login action.
Affected (4 ranges)
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| softaculous | webuzo | <= 2.1.3 | — |
| softaculous | webuzo | — | — |
| softaculous | webuzo | — | — |
| softaculous | webuzo | — | — |
Detection & IOCs (extracted from sources)
- Detect shell metacharacter injection (backtick command substitution) in the SOFTCookies*_sid cookie on requests to /index.php with the act=login parameter
- No authentication is required to exploit this vulnerability; monitor unauthenticated GET requests to /index.php?act=login on port 2002 carrying backticks or other shell metacharacters in the SOFTCookies sid cookie
- Alert on creation of unexpected files under /home/admin/public_html/ as a post-exploitation indicator of successful command injection
- The vulnerable cookie name includes a numeric suffix (e.g., SOFTCookies7972_sid) that may vary per installation; detection rules should use a wildcard pattern such as SOFTCookies*_sid
- Webuzo listens on port 2002 by default; ensure network monitoring and WAF rules cover this non-standard port
- Versions prior to 2.1.4 are vulnerable; the vendor released a fix in version 2.1.4
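The detection indicators above, turned into working request-inspection logic. This is an added example, not code from the page, the vendor or the cited advisory: it parses HTTP request heads (the four sample requests are constructed, not captured traffic), restricts itself to /index.php with act=login as the first indicator specifies, matches the session cookie name with a wildcard on the numeric suffix, and flags values containing shell metacharacters. The set of metacharacters beyond the backtick, and the request-head format, are the example's own assumptions.

```python
import re
from urllib.parse import urlsplit, parse_qs

# Characters a shell would interpret if the cookie value reached it unquoted.
# The page names backtick substitution; the rest are an assumed superset
# (command separators, redirection and $(...) substitution).
SHELL_META = re.compile(r"[`$;|&<>(){}\n\r]")

# The numeric suffix varies per installation (SOFTCookies7972_sid), so the
# page's SOFTCookies*_sid wildcard becomes \d* here.
TARGET_COOKIE = re.compile(r"^SOFTCookies\d*_sid$")


def parse_request_head(raw: str):
    """Split an HTTP request head into (method, target, lowercase-header dict)."""
    lines = [ln for ln in raw.strip().splitlines() if ln.strip()]
    method, target, _version = lines[0].split()
    headers = {}
    for ln in lines[1:]:
        name, _, value = ln.partition(":")
        headers[name.strip().lower()] = value.strip()
    return method, target, headers


def is_login_action(target: str) -> bool:
    """True for /index.php requests whose query carries act=login."""
    parts = urlsplit(target)
    if parts.path != "/index.php":
        return False
    return "login" in parse_qs(parts.query).get("act", [])


def split_cookies(header: str):
    """Tokenise a Cookie header into (name, value) pairs.

    A fragment without '=' is glued back onto the previous value: an injected
    value containing ';' would otherwise be split and the payload partly lost.
    """
    pairs = []
    for frag in header.split(";"):
        frag = frag.strip()
        if not frag:
            continue
        if "=" in frag:
            name, _, value = frag.partition("=")
            pairs.append([name.strip(), value])
        elif pairs:
            pairs[-1][1] += ";" + frag
    return [tuple(p) for p in pairs]


def inspect_request(raw: str):
    """Return a finding dict when the request matches the indicator, else None."""
    method, target, headers = parse_request_head(raw)
    if not is_login_action(target):
        return None
    for name, value in split_cookies(headers.get("cookie", "")):
        if TARGET_COOKIE.match(name) and SHELL_META.search(value):
            return {
                "method": method,
                "host": headers.get("host", ""),
                "cookie": name,
                "value": value,
                "metachars": sorted(set(SHELL_META.findall(value))),
            }
    return None


def scan(requests):
    """Run inspect_request over many request heads and keep the findings."""
    return [f for f in map(inspect_request, requests) if f]


# Constructed sample request heads (not captured traffic). The second and
# third carry shell metacharacters in the session cookie; the first is a
# normal login and the fourth has metacharacters only in an unrelated cookie.
SAMPLE_REQUESTS = [
    "GET /index.php?act=login HTTP/1.1\r\nHost: panel.example.test:2002\r\n"
    "Cookie: SOFTCookies7972_sid=3f9a0c2b1e\r\n",
    "GET /index.php?act=login HTTP/1.1\r\nHost: panel.example.test:2002\r\n"
    "Cookie: SOFTCookies7972_sid=`cmd`\r\n",
    "POST /index.php?act=login HTTP/1.1\r\nHost: panel.example.test:2002\r\n"
    "Cookie: lang=en; SOFTCookies12_sid=a;b$(cmd); theme=dark\r\n",
    "GET /index.php?act=login HTTP/1.1\r\nHost: panel.example.test:2002\r\n"
    "Cookie: tracker=x|y; SOFTCookies7972_sid=3f9a0c2b1e\r\n",
]

if __name__ == "__main__":
    for finding in scan(SAMPLE_REQUESTS):
        print(finding)
```

The Host header is carried into each finding so a rule can additionally require the non-standard port 2002 noted above; the cookie tokeniser deliberately reassembles values that a ';' in the payload would otherwise split, which is the main way a naive per-cookie check misses this pattern.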
No detection rules found.
No writeups or analysis indexed.
References:
- http://www.softaculous.com/board/index.php?tid=4526&title=Webuzo_2.1.4_Launched
- https://web.archive.org/web/20140126212101/http://www.baesystemsdetica.com.au/Research/Advisories/Webuzo-Multiple-Vulnerabilities-%28DS-2013-007%29