Zope Command Execution Vulnerability

🗓️ 17 May 2022 05:37:39Reported by GitHub Advisory DatabaseType

Unspecified Zope 2.12.x and 2.13.x command execution vulnerabilit

Reporter	Title	Published	Views	Family All 28
0day.today	Plone and Zope Remote Command Execution PoC	21 Dec 201100:00	–	zdt
Circl	CVE-2011-3587	21 Dec 201100:00	–	circl
Check Point Advisories	Plone and Zope cmd Parameter Remote Command Execution (CVE-2011-3587)	2 Nov 201400:00	–	checkpoint_advisories
CVE	CVE-2011-3587	10 Oct 201110:00	–	cve
Cvelist	CVE-2011-3587	10 Oct 201110:00	–	cvelist
d2	DSquare Exploit Pack: D2SEC_ZOPEPLONE	10 Oct 201110:55	–	d2
Dsquare	Plone RCE	26 Jan 201200:00	–	dsquare
Exploit DB	Plone and Zope - Remote Command Execution	21 Dec 201100:00	–	exploitdb
exploitpack	Plone and Zope - Remote Command Execution	21 Dec 201100:00	–	exploitpack
Metasploit	Plone and Zope XMLTools Remote Command Execution	27 Dec 201106:59	–	metasploit

Vulners

Node

zope2Range2.13.0–2.13.10pip

zope2Range2.12.0–2.12.20pip

Source	Link
nvd	www.nvd.nist.gov/vuln/detail/CVE-2011-3587
bugzilla	www.bugzilla.redhat.com/show_bug.cgi
plone	www.plone.org/products/plone-hotfix/releases/20110928
plone	www.plone.org/products/plone/security/advisories/20110928
pypi	www.pypi.python.org/pypi/Products.PloneHotfix20110928/1.0
github	www.github.com/zopefoundation/Zope/commit/491a583d8c6622b80c75917e5017c4bb4b15e477
github	www.github.com/zopefoundation/Zope/commit/6bb2fb3c04a76b00bec9bd7c069733e06fa6ebe9
web	www.web.archive.org/web/20111013043934/http://zope2.zope.org/news/security-vulnerability-announcement-cve-2011-3587
github	www.github.com/pypa/advisory-database/tree/main/vulns/products-plonehotfix20110928/PYSEC-2011-26.yaml
plone	www.plone.org/products/plone-hotfix/releases/20110928/PloneHotfix20110928-1.0.zip

22 Nov 2024 20:15Current

8.1High risk

Vulners AI Score8.1

CVSS 29.3

EPSS0.90462