CVE-2008-1965

IBM Lotus Expeditor Client for Desktop <6.1.2 - Command Injection

Title source: llm

Exploitation Summary

EIP tracks 1 public exploit for CVE-2008-1965. PoCs published by Thomas Pollet.

AI-analyzed exploit summary This exploit leverages a command injection vulnerability in IBM Lotus Expeditor by crafting a malicious URI with improperly sanitized input. The PoC demonstrates arbitrary command execution via a trojan-like payload embedded in the URI.

Description

Argument injection vulnerability in the cai: URI handler in rcplauncher in IBM Lotus Expeditor Client for Desktop 6.1.1 and 6.1.2, as used by Lotus Symphony and possibly other products, allows remote attackers to execute arbitrary code by injecting a -launcher option via a cai: URI, as demonstrated by a reference to a UNC share pathname.

Exploits (1)

exploitdb WORKING POC VERIFIED

by Thomas Pollet · textremoteunix

https://www.exploit-db.com/exploits/31706

View Code ZIP pw:eip

This exploit leverages a command injection vulnerability in IBM Lotus Expeditor by crafting a malicious URI with improperly sanitized input. The PoC demonstrates arbitrary command execution via a trojan-like payload embedded in the URI.

Classification

Working Poc 80%

Attack Type

Rce

Complexity

Trivial

Reliability

Reliable

Target: IBM Lotus Expeditor (version unspecified)

No auth needed

Prerequisites: Victim must follow a malicious URI

MITRE ATT&CK