CVE-2009-4648

Accellion Secure File Transfer Appliance - Privilege Escalation via Sudo Command Argument Injection

Title source: llm

Exploitation Summary

EIP tracks 1 public exploit for CVE-2009-4648. PoCs published by Tim Brown.

AI-analyzed exploit summary: The exploit demonstrates multiple vulnerabilities in Accellion File Transfer Appliance, including privilege escalation and directory traversal. It provides commands to manipulate file permissions and execute arbitrary code with superuser privileges.

Description

Accellion Secure File Transfer Appliance before 8_0_105 does not properly restrict access to sensitive commands and arguments that run with extra sudo privileges, which allows local administrators to gain privileges via (1) arbitrary arguments in the --file_move action in /usr/local/bin/admin.pl, or a hard link attack in (2) chmod or (3) a certain cp command.

Exploits (1)

exploitdb · WORKING POC · VERIFIED
by Tim Brown · text · local · linux
https://www.exploit-db.com/exploits/33623

Classification: Working PoC (90%)
Attack Type: LPE
Complexity: Trivial
Reliability: Reliable
Target: Accellion File Transfer Appliance
Auth required
Prerequisites: Access to a shell with sufficient permissions to create symbolic links and execute sudo commands
devstral-2 · analyzed Feb 16, 2026

References (3)

Core References
Exploit vdb-entry x_refsource_bid
http://www.securityfocus.com/bid/38176
Third Party Advisory, VDB Entry vdb-entry x_refsource_xf
https://exchange.xforce.ibmcloud.com/vulnerabilities/56248

Scores

EPSS 0.0082
EPSS Percentile 52.4%

Details

CWE: CWE-264
Status: published
Products (5)
accellion/secure_file_transfer_appliance 7_0_135
accellion/secure_file_transfer_appliance 7_0_178
accellion/secure_file_transfer_appliance 7_0_189
accellion/secure_file_transfer_appliance 7_0_259
accellion/secure_file_transfer_appliance 7_0_296
Published Feb 19, 2010
Tracked Since Feb 18, 2026