CVE-2009-2265

High PUBLISHED

Multiple directory traversal vulnerabilities in FCKeditor before 2.6.4.1 allow remote attackers to create executable files in arbitrary directories...

FCKeditor · FCKeditor

Not yet in CISA KEV

PoC available

Recommended Action

Prioritize remediation. Validate affected assets and apply vendor fixes on an accelerated timeline.

Confidence
High
Exploitation Status
PoC available
Observed in Sensors
No
Attempts (30d)
Unique Attacker IPs
CISA KEV
Not yet in CISA KEV
CVSS / EPSS
7.5 High

At a Glance

Multiple directory traversal vulnerabilities in FCKeditor before 2.6.4.1 allow remote attackers to create executable files in arbitrary directories via directory traversal sequences in the input to unspecified connector modules, as exploited in the wild for remote code execution in July 2009, related to the file browser and the editor/filemanager/connectors/ directory.

metasploit
CVE Published
Jul 05, 2009
Exploitation Reported
Jul 05, 2009
CVSS
7.5 High
EPSS
Remote Low complexity Unauthenticated

Affected Versions

Vendor Product Version Status
n/a
n/a

n/a

Affected

CVE References

  • DSA-1836 debian.org · Vendor Advisory http://www.debian.org/security/2009/dsa-1836
  • FEDORA-2009-7761 redhat.com · Vendor Advisory https://www.redhat.com/archives/fedora-package-announce/2009-July/msg...
  • FEDORA-2009-7794 redhat.com · Vendor Advisory https://www.redhat.com/archives/fedora-package-announce/2009-July/msg...
  • 35909 secunia.com · Third-Party Advisory http://secunia.com/advisories/35909
  • 35833 secunia.com · Third-Party Advisory http://secunia.com/advisories/35833
Show 9 more references

Recommended Actions

  • Prioritize remediation. Validate affected assets and apply vendor fixes on an accelerated timeline.
  • Check enrichment artifacts for scanner coverage and available PoCs before rolling remediation validation.
  • Use the Pro API to automate enrichment, telemetry, and workflow delivery for VM, SOC, and CTI pipelines.