CVE-2000-0322

EXPLOITED

Red Hat Piranha - Command Injection

Title source: llm

Exploitation Summary

CVE-2000-0322 has been observed exploited in the wild (reported by VulnCheck KEV). EIP tracks 1 public exploit from researchers including Metasploit.

AI-analyzed exploit summary: This Metasploit module exploits a command injection vulnerability in RedHat Piranha's passwd.php3 script, allowing authenticated attackers to execute arbitrary commands as the Apache user. It leverages default credentials (piranha:q) and URI-encoded payloads to bypass input restrictions.

Description

The passwd.php3 CGI script in the Red Hat Piranha Virtual Server Package allows local users to execute arbitrary commands via shell metacharacters.

Exploits (1)

exploitdb WORKING POC VERIFIED
by Metasploit · ruby · webapps · php
https://www.exploit-db.com/exploits/16858


Classification: Working PoC (100%)
Attack Type: RCE
Complexity: Trivial
Reliability: Reliable
Target: RedHat Piranha Virtual Server Package (piranha-gui-0.4.12-1.i386.rpm)
Auth required
Prerequisites: Target running RedHat 6.2 with Piranha LVS cluster service · Default or known credentials for Basic Auth
devstral-2 · analyzed Feb 16, 2026

References (3)

Core References
Vendor Advisory vendor-advisory x_refsource_redhat
http://www.redhat.com/support/errata/RHSA-2000-014.html
Exploit, Patch, Vendor Advisory vdb-entry x_refsource_bid
http://www.securityfocus.com/bid/1149

Scores

EPSS 0.7777
EPSS Percentile 99.0%

Details

VulnCheck KEV 2010-02-15
Status published
Products (1)
redhat/linux 6.2 (3 CPE variants)
Published Apr 24, 2000
Tracked Since Feb 18, 2026