CVE-2009-4495

Yaws 1.85 - Terminal Emulator Escape Sequence Injection via HTTP Request

Title source: llm
STIX 2.1

Exploitation Summary

EIP tracks 1 public exploit for CVE-2009-4495. PoCs published by evilaliv3.

AI-analyzed exploit summary This exploit demonstrates a command injection vulnerability in Yaws web server by sending a maliciously crafted HTTP request containing escape sequences that manipulate terminal emulators. The payload triggers arbitrary command execution when the logfile is viewed in a vulnerable terminal.

Description

Yaws 1.85 writes data to a log file without sanitizing non-printable characters, which might allow remote attackers to modify a window's title, or possibly execute arbitrary commands or overwrite files, via an HTTP request containing an escape sequence for a terminal emulator.

Exploits (1)

exploitdb WORKING POC VERIFIED
by evilaliv3 · textremotewindows
https://www.exploit-db.com/exploits/33502

This exploit demonstrates a command injection vulnerability in Yaws web server by sending a maliciously crafted HTTP request containing escape sequences that manipulate terminal emulators. The payload triggers arbitrary command execution when the logfile is viewed in a vulnerable terminal.

Classification
Working Poc 90%
Attack Type
Rce
Complexity
Trivial
Reliability
Reliable
Target: Yaws 1.85
No auth needed
Prerequisites: Yaws web server with vulnerable version · Terminal emulator that interprets escape sequences
devstral-2 · analyzed Feb 16, 2026 Full analysis →

References (3)

Core 3
Core References
Exploit vdb-entry x_refsource_bid
http://www.securityfocus.com/bid/37716
Third Party Advisory, VDB Entry mailing-list x_refsource_bugtraq
http://www.securityfocus.com/archive/1/508830/100/0/threaded

Scores

EPSS 0.0903
EPSS Percentile 94.6%

Details

CWE
CWE-20
Status published
Products (1)
yaws/yaws 1.85
Published Jan 13, 2010
Tracked Since Feb 18, 2026