CVE-2009-0347

NUCLEI

Autonomy Ultraseek - Open Redirect via cs.html url Parameter

Title source: llm

Exploitation Summary

EIP tracks 2 public exploits for CVE-2009-0347. PoCs published by buzzy, Cappricio-Securities. A Nuclei detection template is also available.

AI-analyzed exploit summary The provided text describes a URI-redirection vulnerability in Autonomy Ultraseek, where unsanitized user input allows redirection to arbitrary URLs. This can be exploited for phishing attacks by crafting a malicious URL.

Description

Open redirect vulnerability in cs.html in the Autonomy (formerly Verity) Ultraseek search engine allows remote attackers to redirect users to arbitrary web sites and conduct phishing attacks via the url parameter.

Exploits (2)

exploitdb WRITEUP VERIFIED

by buzzy · textwebappsphp

https://www.exploit-db.com/exploits/32766

View Code ZIP pw:eip

The provided text describes a URI-redirection vulnerability in Autonomy Ultraseek, where unsanitized user input allows redirection to arbitrary URLs. This can be exploited for phishing attacks by crafting a malicious URL.

Classification

Writeup 90%

Attack Type

Other

Complexity

Trivial

Reliability

Reliable

Target: Autonomy Ultraseek (version not specified)

No auth needed

Prerequisites: Access to craft a malicious URL

MITRE ATT&CK

T1566.002 - Spearphishing Link

devstral-2 · analyzed Feb 16, 2026 Full analysis →

nomisec SCANNER

by Cappricio-Securities · poc

https://github.com/Cappricio-Securities/CVE-2009-0347

View Code ZIP pw:eip

This repository contains a Python-based scanner for detecting CVE-2009-0347, a vulnerability in Microsoft Office Web Components. The tool checks for vulnerable endpoints by sending crafted requests and analyzing responses for specific patterns, such as redirects to a domain controlled by the tool's author.

Classification

Scanner 90%

Attack Type

Info Leak

Complexity

Moderate

Reliability

Reliable

Target: Microsoft Office Web Components

No auth needed

Prerequisites: Network access to the target system · Python 3 environment

MITRE ATT&CK

T1592 - Gather Victim Host Information

devstral-2 · analyzed Feb 18, 2026 Full analysis →

Nuclei Templates (1)

Autonomy Ultraseek - Open Redirect

MEDIUMby ctflearner

References (5)

Core 5

Core References

Various Sources x_refsource_misc

http://sunbeltblog.blogspot.com/2009/01/constant-stream-of-ultraseek-redirects.html

US Government Resource third-party-advisory x_refsource_cert-vn

http://www.kb.cert.org/vuls/id/202753

Third Party Advisory, VDB Entry vdb-entry x_refsource_bid

http://www.securityfocus.com/bid/33500

Third Party Advisory, VDB Entry vdb-entry x_refsource_xf

https://exchange.xforce.ibmcloud.com/vulnerabilities/48336

Various Sources x_refsource_misc

http://www.ultraseek.com/forums/thread.jspa?messageID=9818

Scores

EPSS 0.0295

EPSS Percentile 86.8%

Details

CWE

CWE-59

Status published

Products (1)

autonomy/ultraseek _nil_

Published Jan 29, 2009

Tracked Since Feb 18, 2026