CVE-2010-20120

HIGH

Maplesoft Maple <= 13 - Remote Code Execution via Malicious Maplet File

Title source: llm

Exploitation Summary

EIP tracks 2 public exploits for CVE-2010-20120. PoCs published by Metasploit, scriptjunkie, including Metasploit module exploits/multi/fileformat/maple_maplet.

AI-analyzed exploit summary This Metasploit module exploits a vulnerability in Maple software (up to version 13) by crafting a malicious .maplet file that executes arbitrary commands when opened. It generates a payload executable, embeds it in the file, and triggers execution via Maple's scripting capabilities.

Description

Maple versions up to and including 13's Maplet framework allows embedded commands to be executed automatically when a .maplet file is opened. This behavior bypasses standard security restrictions that normally prevent code execution in regular Maple worksheets. The vulnerability enables attackers to craft malicious .maplet files that execute arbitrary code without user interaction.

Exploits (2)

exploitdb WORKING POC VERIFIED

by Metasploit · rubyremotemultiple

https://www.exploit-db.com/exploits/16308

View Code ZIP pw:eip

This Metasploit module exploits a vulnerability in Maple software (up to version 13) by crafting a malicious .maplet file that executes arbitrary commands when opened. It generates a payload executable, embeds it in the file, and triggers execution via Maple's scripting capabilities.

Classification

Working Poc 100%

Attack Type

Rce

Complexity

Moderate

Reliability

Reliable

Target: Maple (up to version 13)

No auth needed

Prerequisites: Victim must open the malicious .maplet file

MITRE ATT&CK

T1203 - Exploitation for Client Execution T1059 - Command and Scripting Interpreter

devstral-2 · analyzed Feb 18, 2026 Full analysis →

metasploit WORKING POC EXCELLENT

by scriptjunkie · rubypocwin

https://github.com/rapid7/metasploit-framework/blob/master/modules/exploits/multi/fileformat/maple_maplet.rb

View Code ZIP pw:eip

This Metasploit module exploits a vulnerability in Maple software (up to version 13) by crafting a malicious .maplet file that executes arbitrary commands or payloads when opened. It supports multiple platforms (Windows, Linux) and architectures (x86, x64).

Classification

Working Poc 95%

Attack Type

Rce

Complexity

Moderate

Reliability

Reliable

Target: Maple (up to version 13)

No auth needed

Prerequisites: Victim must open the malicious .maplet file

MITRE ATT&CK

T1203 - Exploitation for Client Execution T1204 - User Execution

devstral-2 · analyzed Feb 16, 2026 Full analysis →

References (5)

Core 5

Core References

Third Party Advisory third-party-advisory

https://www.vulncheck.com/advisories/maple-maplet-file-creation-command-execution

Various Sources product

https://www.maplesoft.com/products/maple/

Exploit, Third Party Advisory exploit

https://www.exploit-db.com/exploits/16308

Various Sources exploit

https://raw.githubusercontent.com/rapid7/metasploit-framework/master/modules/exploits/multi/fileformat/maple_maplet.rb

Various Sources third-party-advisory

https://www.juniper.net/us/en/threatlabs/ips-signatures/detail.HTTP:MISC:MAPLE-MAPLET-CMD-EXEC.html

Scores

CVSS v4 8.4

EPSS 0.0034

EPSS Percentile 25.9%

CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:A/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X

CISA SSVC

Vulnrichment

Exploitation poc

Automatable no

Technical Impact total

Details

CWE

CWE-94

Status published

Products (1)

Maplesoft/Maple < 13

Published Aug 21, 2025

Tracked Since Feb 18, 2026