CVE-2007-6509

Appian Enterprise BPM <5.6 SP1 - DoS

Title source: llm

Exploitation Summary

EIP tracks 2 public exploits for CVE-2007-6509. PoCs published by Chris Castaldo, including Metasploit module auxiliary/dos/windows/appian/appian_bpm.

AI-analyzed exploit summary This exploit is a crafted packet designed to trigger a denial-of-service (DoS) condition in Appian BPMS 5.6 SP1. The packet contains specific byte sequences that cause the application to crash when processed.

Description

Unspecified vulnerability in Appian Enterprise Business Process Management (BPM) Suite 5.6 SP1 allows remote attackers to cause a denial of service via a crafted packet to port 5400/tcp.

Exploits (2)

exploitdb WORKING POC VERIFIED

by Chris Castaldo · textdosmultiple

https://www.exploit-db.com/exploits/30896

View Code ZIP pw:eip

This exploit is a crafted packet designed to trigger a denial-of-service (DoS) condition in Appian BPMS 5.6 SP1. The packet contains specific byte sequences that cause the application to crash when processed.

Classification

Working Poc 90%

Attack Type

Dos

Complexity

Trivial

Reliability

Reliable

Target: Appian Business Process Management Suite (BPMS) 5.6 SP1

No auth needed

Prerequisites: Network access to the target system

MITRE ATT&CK

T1499 - Endpoint Denial of Service

devstral-2 · analyzed Feb 16, 2026 Full analysis →

metasploit WORKING POC

rubypoc

https://github.com/rapid7/metasploit-framework/blob/master/modules/auxiliary/dos/windows/appian/appian_bpm.rb

View Code ZIP pw:eip

This Metasploit module exploits a denial of service vulnerability in Appian Enterprise Business Suite 5.6 SP1 by sending a malformed packet to TCP port 5400, causing the service to crash.