CVE-2008-0244

SAP MaxDB < 7.6.3_build_007 - Remote Command Execution via Shell Metacharacters in exec_sdbinfo

Title source: llm

Exploitation Summary

EIP tracks 2 public exploits for CVE-2008-0244. PoCs were published by Luigi Auriemma and MC, including the Metasploit module auxiliary/admin/maxdb/maxdb_cons_exec.

AI-analyzed exploit summary: The writeup describes a pre-authentication remote command execution vulnerability in SAP MaxDB <= 7.6.03 build 007. The issue arises from the use of system() to execute commands, allowing command injection via shell metacharacters like &&.

Description

SAP MaxDB 7.6.03 build 007 and earlier allows remote attackers to execute arbitrary commands via "&&" and other shell metacharacters in exec_sdbinfo and other unspecified commands, which are executed when MaxDB invokes cons.exe.

Exploits (2)

exploitdb WRITEUP VERIFIED
by Luigi Auriemma · text · remote · multiple
https://www.exploit-db.com/exploits/4877

The writeup describes a pre-authentication remote command execution vulnerability in SAP MaxDB <= 7.6.03 build 007. The issue arises from the use of system() to execute commands, allowing command injection via shell metacharacters like &&.

Classification: Writeup 100%
Attack Type: RCE
Complexity: Trivial
Reliability: Reliable
Target: SAP MaxDB <= 7.6.03 build 007
No auth needed
Prerequisites: Network access to the SAP MaxDB server
devstral-2 · analyzed Feb 16, 2026

metasploit WORKING POC
by MC · ruby · poc
https://github.com/rapid7/metasploit-framework/blob/master/modules/auxiliary/admin/maxdb/maxdb_cons_exec.rb

This Metasploit module exploits a remote command injection vulnerability in SAP MaxDB's cons.exe by sending maliciously crafted packets to execute arbitrary commands. The exploit leverages improper input sanitization to achieve RCE.

Classification: Working PoC 95%
Attack Type: RCE
Complexity: Moderate
Reliability: Reliable
Target: SAP MaxDB (versions affected by CVE-2008-0244)
No auth needed
Prerequisites: Network access to SAP MaxDB's cons.exe service (default port 7210)
devstral-2 · analyzed Feb 16, 2026

References (9)

Core References
Vendor Advisory third-party-advisory x_refsource_secunia
http://secunia.com/advisories/28409
Third Party Advisory, VDB Entry mailing-list x_refsource_bugtraq
http://www.securityfocus.com/archive/1/486039/100/0/threaded
Third Party Advisory vdb-entry x_refsource_vupen
http://www.vupen.com/english/advisories/2008/0104
Exploit, Third Party Advisory exploit x_refsource_exploit-db
https://www.exploit-db.com/exploits/4877
Third Party Advisory, VDB Entry vdb-entry x_refsource_sectrack
http://www.securitytracker.com/id?1019171
Third Party Advisory third-party-advisory x_refsource_sreason
http://securityreason.com/securityalert/3536
Third Party Advisory, VDB Entry vdb-entry x_refsource_xf
https://exchange.xforce.ibmcloud.com/vulnerabilities/39573
Exploit vdb-entry x_refsource_bid
http://www.securityfocus.com/bid/27206

Scores

EPSS 0.8982
EPSS Percentile 99.6%

Details

CWE CWE-20
Status published
Products (1)
sap/maxdb < 7.6.3_build_007
Published Jan 12, 2008
Tracked Since Feb 18, 2026