CVE-2009-4491 : thttpd 2.25b0 writes data to a log file without sanitizing non-printable charact

thttpd 2.25b0 writes data to a log file without sanitizing non-printable characters, which might allow remote attackers to modify a window's title, or possibly execute arbitrary commands or overwrite files, via an HTTP request containing an escape sequence for a terminal emulator.

Published 2010-01-13 20:30:01

Updated 2025-04-09 00:30:58

Source MITRE

View at NVD, CVE.org

Products affected by CVE-2009-4491

Acme » Thttpd » Version: 2.25 Update B
cpe:2.3:a:acme:thttpd:2.25:b:*:*:*:*:*:*
Matching versions

Threat overview for CVE-2009-4491

Top countries where our scanners detected CVE-2009-4491

Top open port discovered on systems with this issue 80

IPs affected by CVE-2009-4491 160,086

Threat actors abusing to this issue? Yes

Find out if you^* are affected by CVE-2009-4491!

^*Directly or indirectly through your vendors, service providers and 3rd parties. Powered by attack surface intelligence from SecurityScorecard.

Exploit prediction scoring system (EPSS) score for CVE-2009-4491

EPSS FAQ

3.64%

Probability of exploitation activity in the next 30 days EPSS Score History

~ 87 %

Percentile, the proportion of vulnerabilities that are scored at or less

CVSS scores for CVE-2009-4491

Base Score	Base Severity	CVSS Vector	Exploitability Score	Impact Score	Score Source	First Seen
5.0	MEDIUM	AV:N/AC:L/Au:N/C:P/I:N/A:N	10.0	2.9	NIST
Access Vector: Network Access Complexity: Low Authentication: None Confidentiality Impact: Partial Integrity Impact: None Availability Impact: None
9.8	CRITICAL	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H	3.9	5.9	134c704f-9b21-4f2e-91b3-4a467353bcc0	2024-07-12
Attack Vector: Network Attack Complexity: Low Privileges Required: None User Interaction: None Scope: Unchanged Confidentiality: High Integrity: High Availability: High

CWE ids for CVE-2009-4491

CWE-20 Improper Input Validation

The product receives input or data, but it does not validate or incorrectly validates that the input has the properties that are required to process the data safely and correctly.

Assigned by: nvd@nist.gov (Primary)
CWE-94 Improper Control of Generation of Code ('Code Injection')

The product constructs all or part of a code segment using externally-influenced input from an upstream component, but it does not neutralize or incorrectly neutralizes special elements that could modify the syntax or behavior of the intended code segment.

Assigned by: 134c704f-9b21-4f2e-91b3-4a467353bcc0 (Secondary)

References for CVE-2009-4491

http://www.securityfocus.com/archive/1/508830/100/0/threaded

SecurityFocus

CVEs referencing this url
http://www.ush.it/team/ush/hack_httpd_escape/adv.txt

Exploit

CVEs referencing this url
http://packetstormsecurity.com/files/175949/m-privacy-TightGate-Pro-Code-Execution-Insecure-Permissions.html

m-privacy TightGate-Pro Code Execution / Insecure Permissions ≈ Packet Storm

CVEs referencing this url
http://seclists.org/fulldisclosure/2023/Nov/13

Full Disclosure: SEC Consult SA-20231122 :: Multiple Vulnerabilities in m-privacy TightGate-Pro

CVEs referencing this url