CVE-2012-0262

EXPLOITED

op5config/welcome <2.0.3 - Command Injection

Title source: llm
STIX 2.1

Exploitation Summary

CVE-2012-0262 has been observed exploited in the wild (reported by VulnCheck KEV). EIP tracks 2 public exploits from researchers including Metasploit, including a Metasploit module exploits/multi/http/op5_welcome.

AI-analyzed exploit summary This Metasploit module exploits a command injection vulnerability in OP5 Monitor's welcome page, allowing arbitrary root command execution via the 'password' parameter. The exploit sends a crafted POST request with a payload embedded in backticks to achieve RCE.

Description

op5config/welcome in system-op5config before 2.0.3 in op5 Monitor and op5 Appliance before 5.5.3 allows remote attackers to execute arbitrary commands via shell metacharacters in the password parameter.

Exploits (2)

exploitdb WORKING POC VERIFIED
by Metasploit · rubywebappsmultiple
https://www.exploit-db.com/exploits/41687

This Metasploit module exploits a command injection vulnerability in OP5 Monitor's welcome page, allowing arbitrary root command execution via the 'password' parameter. The exploit sends a crafted POST request with a payload embedded in backticks to achieve RCE.

Classification
Working Poc 100%
Attack Type
Rce
Complexity
Trivial
Reliability
Reliable
Target: OP5 Monitor versions 5.3.5, 5.4.0, 5.4.2, 5.5.0, 5.5.1
No auth needed
Prerequisites: Network access to the target's HTTPS service (port 443) · Vulnerable version of OP5 Monitor
devstral-2 · analyzed Feb 16, 2026 Full analysis →
metasploit WORKING POC EXCELLENT
rubypoc
https://github.com/rapid7/metasploit-framework/blob/master/modules/exploits/multi/http/op5_welcome.rb

This Metasploit module exploits a command injection vulnerability in OP5 Monitor's welcome page, allowing arbitrary root command execution via the 'password' parameter. The exploit uses a POST request to inject a payload enclosed in backticks, which is executed by the underlying system.

Classification
Working Poc 100%
Attack Type
Rce
Complexity
Trivial
Reliability
Reliable
Target: OP5 Monitor versions 5.3.5, 5.4.0, 5.4.2, 5.5.0, 5.5.1
No auth needed
Prerequisites: Network access to the target's HTTPS service on port 443 · Vulnerable version of OP5 Monitor
devstral-2 · analyzed Feb 16, 2026 Full analysis →

References (6)

Core 6
Core References
Various Sources x_refsource_confirm
https://bugs.op5.com/view.php?id=5094
Vendor Advisory third-party-advisory x_refsource_secunia
http://secunia.com/advisories/47417
Mailing List mailing-list x_refsource_fulldisc
http://seclists.org/fulldisclosure/2012/Jan/62
Third Party Advisory, VDB Entry vdb-entry x_refsource_osvdb
http://www.osvdb.org/78065

Scores

EPSS 0.9000
EPSS Percentile 99.6%

Details

VulnCheck KEV 2020-12-01
CWE
CWE-94
Status published
Products (6)
op5/monitor 5.3.5
op5/monitor 5.4.0
op5/monitor 5.4.2
op5/monitor 5.5.0
op5/monitor < 5.5.1
op5/system-op5config < 2.0.2
Published Dec 31, 2013
Tracked Since Feb 18, 2026