CVE-2011-4643

Splunk 4.x < 4.2.5 - Authenticated Path Traversal via URI

Title source: llm

Exploitation Summary

EIP tracks 1 public exploit for CVE-2011-4643. PoCs published by Gary O'Leary-Steele.

AI-analyzed exploit summary This exploit targets CVE-2011-4644, a vulnerability in Splunk that allows remote authentication bypass and potential remote code execution. The script includes functionality for brute-forcing credentials, interacting with Splunk's web and management interfaces, and leveraging session keys for further exploitation.

Description

Multiple directory traversal vulnerabilities in Splunk 4.x before 4.2.5 allow remote authenticated users to read arbitrary files via a .. (dot dot) in a URI to (1) Splunk Web or (2) the Splunkd HTTP Server, aka SPL-45243.

Exploits (1)

exploitdb WORKING POC VERIFIED

by Gary O'Leary-Steele · pythonremotemultiple

https://www.exploit-db.com/exploits/18245

View Code ZIP pw:eip

This exploit targets CVE-2011-4644, a vulnerability in Splunk that allows remote authentication bypass and potential remote code execution. The script includes functionality for brute-forcing credentials, interacting with Splunk's web and management interfaces, and leveraging session keys for further exploitation.

Classification

Working Poc 95%

Attack Type

Auth Bypass

Complexity

Moderate

Reliability

Reliable

Target: Splunk (versions affected by CVE-2011-4644)

No auth needed

Prerequisites: Network access to Splunk's web interface (port 8000) and management port (port 8089) · Splunk instance vulnerable to CVE-2011-4644

MITRE ATT&CK

T1110 - Brute Force T1078 - Valid Accounts

devstral-2 · analyzed Feb 18, 2026 Full analysis →

References (7)

Core 7

Core References

Various Sources x_refsource_misc

http://www.sec-1.com/blog/?p=233

Third Party Advisory third-party-advisory x_refsource_secunia

http://secunia.com/advisories/47232

Vendor Advisory x_refsource_confirm

http://www.splunk.com/view/SP-CAAAGMM

Third Party Advisory, VDB Entry vdb-entry x_refsource_sectrack

http://www.securitytracker.com/id?1026451

Third Party Advisory, VDB Entry vdb-entry x_refsource_xf

https://exchange.xforce.ibmcloud.com/vulnerabilities/72244

Exploit x_refsource_misc

http://www.sec-1.com/blog/wp-content/uploads/2011/12/Attacking_Splunk_Release.pdf

Exploit exploit x_refsource_exploit-db

http://www.exploit-db.com/exploits/18245/

Scores

EPSS 0.0842

EPSS Percentile 94.3%

Details

CWE

CWE-22

Status published

Products (26)

splunk/splunk 4.0

splunk/splunk 4.0.1

splunk/splunk 4.0.2

splunk/splunk 4.0.3

splunk/splunk 4.0.4

splunk/splunk 4.0.5

splunk/splunk 4.0.6

splunk/splunk 4.0.7

splunk/splunk 4.0.8

splunk/splunk 4.0.9

... and 16 more

Published Jan 03, 2012

Tracked Since Feb 18, 2026