CVE-2012-10033
CRITICALNarcissus - RCE
Title source: llmDescription
Narcissus is vulnerable to remote code execution via improper input handling in its image configuration workflow. Specifically, the backend.php script fails to sanitize the release parameter before passing it to the configure_image() function. This function invokes PHP’s passthru() with the unsanitized input, allowing attackers to inject arbitrary system commands. Exploitation occurs via a crafted POST request, resulting in command execution under the web server’s context.
Exploits (3)
exploitdb
WORKING POC
VERIFIED
by Metasploit · rubyremotelinux
https://www.exploit-db.com/exploits/22856
metasploit
WORKING POC
EXCELLENT
by Dun, sinn3r · rubypoc
https://github.com/rapid7/metasploit-framework/blob/master/modules/exploits/unix/webapp/narcissus_backend_exec.rb
References (5)
Scores
CVSS v4
9.3
EPSS
0.6428
EPSS Percentile
98.5%
CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
Details
CWE
CWE-78
Status
published
Products (1)
Ångström Distribution Project/Narcissus
Published
Aug 05, 2025
Tracked Since
Feb 18, 2026