Exploitation Summary
EIP tracks 1 public exploit for CVE-2011-3597. PoCs published by anonymous.
AI-analyzed exploit summary This exploit leverages a vulnerability in the Perl Digest module (versions prior to 1.17) to inject and execute arbitrary Perl code. The PoC demonstrates a simple command injection via the `Digest->new` method.
Description
Eval injection vulnerability in the Digest module before 1.17 for Perl allows context-dependent attackers to execute arbitrary commands via the new constructor.
Exploits (1)
exploitdb
WORKING POC
VERIFIED
by anonymous · textremotelinux
https://www.exploit-db.com/exploits/36199
This exploit leverages a vulnerability in the Perl Digest module (versions prior to 1.17) to inject and execute arbitrary Perl code. The PoC demonstrates a simple command injection via the `Digest->new` method.
Classification
Working Poc 90%
Attack Type
Rce
Complexity
Trivial
Reliability
Reliable
Target:
Perl Digest module < 1.17
No auth needed
Prerequisites:
Perl environment with vulnerable Digest module installed
MITRE ATT&CK
mistral-large-3 · analyzed Feb 16, 2026
Full analysis →
References (14)
Core 14
Core References
Vendor Advisory vendor-advisory
x_refsource_mandriva
http://www.mandriva.com/security/advisories?name=MDVSA-2012:009
Vendor Advisory x_refsource_confirm
http://kb.juniper.net/InfoCenter/index?page=content&id=JSA10705
Vendor Advisory x_refsource_confirm
http://kb.juniper.net/InfoCenter/index?page=content&id=JSA10735
Vendor Advisory vendor-advisory
x_refsource_redhat
http://www.redhat.com/support/errata/RHSA-2011-1797.html
Patch x_refsource_confirm
https://bugzilla.redhat.com/show_bug.cgi?id=743010
Various Sources x_refsource_confirm
http://aix.software.ibm.com/aix/efixes/security/perl_advisory2.asc
Vendor Advisory vendor-advisory
x_refsource_ubuntu
http://www.ubuntu.com/usn/USN-1643-1
Third Party Advisory, VDB Entry vdb-entry
signature
x_refsource_oval
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A19446
Vendor Advisory vendor-advisory
x_refsource_mandriva
http://www.mandriva.com/security/advisories?name=MDVSA-2012:008
Vendor Advisory vendor-advisory
x_refsource_redhat
http://www.redhat.com/support/errata/RHSA-2011-1424.html
Vendor Advisory third-party-advisory
x_refsource_secunia
http://secunia.com/advisories/46279
Third Party Advisory third-party-advisory
x_refsource_secunia
http://secunia.com/advisories/51457
Various Sources x_refsource_confirm
http://cpansearch.perl.org/src/GAAS/Digest-1.17/Changes
Third Party Advisory, VDB Entry vdb-entry
x_refsource_bid
http://www.securityfocus.com/bid/49911
Scores
EPSS
0.1353
EPSS Percentile
96.0%
Details
CWE
CWE-20
Status
published
Products (17)
gisle_aas/digest
1.00
gisle_aas/digest
1.01
gisle_aas/digest
1.02
gisle_aas/digest
1.03
gisle_aas/digest
1.04
gisle_aas/digest
1.05
gisle_aas/digest
1.06
gisle_aas/digest
1.07
gisle_aas/digest
1.08
gisle_aas/digest
1.09
... and 7 more
Published
Jan 13, 2012
Tracked Since
Feb 18, 2026