CVE-2009-2344

Sourcefire DC/3D Sensor <4.8.2 - Privilege Escalation

Title source: llm

Exploitation Summary

EIP tracks 1 public exploit for CVE-2009-2344. PoCs published by Gregory Duchemin.

AI-analyzed exploit summary This writeup describes a privilege escalation vulnerability in Sourcefire 3D Sensor and Defense Center 4.8.x, where a local user can escalate their privileges to administrator by sending a forged POST request to the user.cgi script. The vulnerability arises due to improper role validation in the script.

Description

The web-based management interfaces in Sourcefire Defense Center (DC) and 3D Sensor before 4.8.2 allow remote authenticated users to gain privileges via a $admin value for the admin parameter in an edit action to admin/user/user.cgi and unspecified other components.

Exploits (1)

exploitdb WRITEUP VERIFIED

by Gregory Duchemin · textwebappscgi

https://www.exploit-db.com/exploits/9074

View Code ZIP pw:eip

This writeup describes a privilege escalation vulnerability in Sourcefire 3D Sensor and Defense Center 4.8.x, where a local user can escalate their privileges to administrator by sending a forged POST request to the user.cgi script. The vulnerability arises due to improper role validation in the script.

Classification

Writeup 100%

Attack Type

Lpe

Complexity

Trivial

Reliability

Reliable

Target: Sourcefire 3D Sensor and Defense Center 4.8.x

Auth required

Prerequisites: Authenticated session cookie (CGISESSID) · Access to the user.cgi script

MITRE ATT&CK

T1068 - Exploitation for Privilege Escalation

devstral-2 · analyzed Feb 16, 2026 Full analysis →

References (6)

Core 6

Core References

Vendor Advisory third-party-advisory x_refsource_secunia

http://secunia.com/advisories/35658

Third Party Advisory, VDB Entry vdb-entry x_refsource_sectrack

http://www.securitytracker.com/id?1022500

Exploit, Third Party Advisory exploit x_refsource_exploit-db

http://www.exploit-db.com/exploits/9074

Third Party Advisory, VDB Entry mailing-list x_refsource_bugtraq

http://www.securityfocus.com/archive/1/504694/100/0/threaded

Vendor Advisory vdb-entry x_refsource_vupen

http://www.vupen.com/english/advisories/2009/1785

Exploit vdb-entry x_refsource_bid

http://www.securityfocus.com/bid/35553

Scores

EPSS 0.0925

EPSS Percentile 94.7%

Details

CWE

CWE-264

Status published

Products (8)

sourcefire/3d_sensor 4.8

sourcefire/3d_sensor 4.8.0.3

sourcefire/3d_sensor 4.8.0.4

sourcefire/3d_sensor < 4.8.1

sourcefire/defense_center 4.8

sourcefire/defense_center 4.8.0.3

sourcefire/defense_center 4.8.0.4

sourcefire/defense_center < 4.8.1

Published Jul 07, 2009

Tracked Since Feb 18, 2026