KEVIntel
PRO Back to KEVs
10.0
CVSS
High

CVE-2009-0545

PUBLISHED

cgi-bin/kerbynet in ZeroShell 1.0beta11 and earlier allows remote attackers to execute arbitrary commands via shell metacharacters in the type...

Not yet in CISA KEV

Exploited in the wild PoC available Remote Low complexity
Vendor
ZeroShell
Product
ZeroShell
Published
Feb 12, 2009
EPSS

Automate This Intelligence with the Pro API

Everything on this page — CVSS, EPSS, exploit status, PoCs, scanner integrations, mentions, tags, and immediate honeypot data — is available programmatically for VM, SOC, and CTI workflows.

Learn about Pro

Description

cgi-bin/kerbynet in ZeroShell 1.0beta11 and earlier allows remote attackers to execute arbitrary commands via shell metacharacters in the type parameter in a NoAuthREQ x509List action.

nuclei_scanner

CVSS Scores

CVSS v2.0 10.0 High

AV:N/AC:L/Au:N/C:C/I:C/A:C

Exploitation Status

Exploited in the wild

Recorded 2025-06-10 00:00:00 UTC · The Shadowserver (via CIRCL)

Proof of concept available

Recorded 2025-04-28 15:02:35 UTC · Nuclei Templates

References

Known Exploited Vulnerability Sources

Catalogues that list this CVE as a known exploited vulnerability.

Source Added
The Shadowserver (via CIRCL) First 2025-06-10 00:00 UTC

Scanner Integrations

Scanner Reference Detected
Metasploit https://github.com/rapid7/metasploit-framework/blob/master/modules/exploits/unix/webapp/zeroshell_exec.rb Apr 28, 2025
Nuclei https://github.com/projectdiscovery/nuclei-templates/blob/main/http/cves/2009/CVE-2009-0545.yaml Apr 25, 2025

Potential Proof of Concepts

These PoCs are unverified and could contain malware. Use at your own risk.

CVE-2009-0545

nuclei · Created Unknown

zeroshell_exec

metasploit · Created Unknown

Metasploit module for CVE-2009-0545

Timeline

  • Added to KEVIntel

  • Detected by Metasploit

  • Proof of Concept Exploit Available

  • Detected by Nuclei

  • CVE Published to Public

  • CVE ID Reserved