Vulnerability Details : CVE-2009-4098
Public exploit exists!
Unrestricted file upload vulnerability in banner-edit.php in OpenX adserver 2.8.1 and earlier allows remote authenticated users with banner / file upload permissions to execute arbitrary code by uploading a file with an executable extension, then accessing it via a direct request to the file in an images directory.
Vulnerability category: Input validationExecute code
Exploit prediction scoring system (EPSS) score for CVE-2009-4098
12.83%
Probability of exploitation activity in the next 30 days
EPSS Score History
~ 95 %
Percentile, the proportion of vulnerabilities that are scored at or less
Metasploit modules for CVE-2009-4098
-
OpenX banner-edit.php File Upload PHP Code Execution
Disclosure Date: 2009-11-24First seen: 2020-04-26exploit/unix/webapp/openx_banner_editThis module exploits a vulnerability in the OpenX advertising software. In versions prior to version 2.8.2, authenticated users can upload files with arbitrary extensions to be used as banner creative content. By uploading a file with a PHP extension, an attacker c
CVSS scores for CVE-2009-4098
Base Score | Base Severity | CVSS Vector | Exploitability Score | Impact Score | Score Source | First Seen |
---|---|---|---|---|---|---|
6.0
|
MEDIUM | AV:N/AC:M/Au:S/C:P/I:P/A:P |
6.8
|
6.4
|
NIST |
CWE ids for CVE-2009-4098
-
The product receives input or data, but it does not validate or incorrectly validates that the input has the properties that are required to process the data safely and correctly.Assigned by: nvd@nist.gov (Primary)
References for CVE-2009-4098
-
http://www.openx.org/docs/2.8/release-notes/openx-2.8.2
Vendor Advisory
-
https://developer.openx.org/jira/browse/OX-5747
-
http://www.securityfocus.com/archive/1/508050/100/0/threaded
-
https://exchange.xforce.ibmcloud.com/vulnerabilities/54394
-
http://www.securityfocus.com/bid/37110
OpenX Arbitrary File Upload Vulnerability
Products affected by CVE-2009-4098
- cpe:2.3:a:openx:openx:*:*:*:*:*:*:*:*
- cpe:2.3:a:openx:openx:2.6.1:*:*:*:*:*:*:*
- cpe:2.3:a:openx:openx:2.6.3:*:*:*:*:*:*:*
- cpe:2.3:a:openx:openx:2.4:*:*:*:*:*:*:*
- cpe:2.3:a:openx:openx:2.8:*:*:*:*:*:*:*