CVE-2012-10039
BaseFortify
Publication date: 2025-08-11
Last updated on: 2025-08-11
Assigner: VulnCheck
Description
Description
CVSS Scores
EPSS Scores
| Probability: | |
| Percentile: |
Meta Information
Affected Vendors & Products
| Vendor | Product | Version / Range |
|---|---|---|
| zen_load_balancer | zen_load_balancer | 2.0 |
| zen_load_balancer | zen_load_balancer | 3.0-rc1 |
Helpful Resources
Exploitability
| CWE ID | Description |
|---|---|
| CWE-78 | The product constructs all or part of an OS command using externally-influenced input from an upstream component, but it does not neutralize or incorrectly neutralizes special elements that could modify the intended OS command when it is sent to a downstream component. |
Attack-Flow Graph
AI Powered Q&A
Can you explain this vulnerability to me?
CVE-2012-10039 is a command injection vulnerability in ZEN Load Balancer versions 2.0 and 3.0-rc1. The vulnerability exists in the CGI script 'content2-2.cgi', where the 'filelog' parameter is passed directly into a backtick-delimited exec() call without proper sanitization. This allows an authenticated attacker to inject arbitrary shell commands that are executed with root privileges, leading to remote code execution on the affected system. [1, 4]
How can this vulnerability impact me? :
This vulnerability allows an authenticated attacker to execute arbitrary commands on the affected ZEN Load Balancer system with root privileges. This can lead to full system compromise, including privilege escalation, unauthorized file uploads, remote code execution, and potential control over the entire network traffic managed by the load balancer. Sensitive information may also be exposed due to information disclosure vulnerabilities in related components. [1, 2, 4]
How can this vulnerability be detected on my network or system? Can you suggest some commands?
This vulnerability can be detected by verifying the version of ZEN Load Balancer running on your system. You can retrieve the file `/config/global.conf` from the server and check the version string for vulnerable versions (2.0 or 3.0-rc1). Additionally, an authenticated check can be performed by sending an HTTP request to `/index.cgi` with crafted parameters to test for command injection via the `filelog` parameter. For example, using curl to fetch the version file: `curl -k https://<target>:444/config/global.conf` and inspecting the version. Also, using the Metasploit module (if available) can automate detection and exploitation attempts. [1, 4]
What immediate steps should I take to mitigate this vulnerability?
Immediate mitigation steps include: 1) Discontinue use of ZEN Load Balancer versions 2.0 and 3.0-rc1 as they are no longer supported and vulnerable. 2) Upgrade to a supported and maintained successor such as SKUDONET CE. 3) Restrict access to the management interface to trusted users only and enforce strong authentication. 4) Monitor and audit authenticated user activity to detect potential exploitation attempts. 5) If upgrading is not immediately possible, consider disabling or restricting access to vulnerable CGI scripts like `content2-2.cgi` and `content3-2.cgi` to prevent command injection. 6) Review and secure file upload mechanisms to prevent arbitrary file uploads. [2]