CVE-2012-10039

CRITICAL

ZEN Load Balancer <3.0-rc1 - Command Injection

Title source: llm

Exploitation Summary

EIP tracks 2 public exploits for CVE-2012-10039. PoCs published by Metasploit, bcoles, including Metasploit module exploits/linux/http/zen_load_balancer_exec.

AI-analyzed exploit summary This Metasploit module exploits a command injection vulnerability in ZEN Load Balancer versions 2.0 and 3.0-rc1. The 'filelog' parameter in 'content2-2.cgi' is used within backticks, allowing authenticated users to execute arbitrary commands as root.

Description

ZEN Load Balancer versions 2.0 and 3.0-rc1 contain a command injection vulnerability in content2-2.cgi. The filelog parameter is passed directly into a backtick-delimited exec() call without sanitation. An authenticated attacker can inject arbitrary shell commands, resulting in remote code execution as the root user. ZEN Load Balancer is the predecessor of ZEVENET and SKUDONET. The affected versions (2.0 and 3.0-rc1) are no longer supported. SKUDONET CE is the current community-maintained successor.

Exploits (2)

exploitdb WORKING POC VERIFIED

by Metasploit · rubyremoteunix

https://www.exploit-db.com/exploits/21849

View Code ZIP pw:eip

This Metasploit module exploits a command injection vulnerability in ZEN Load Balancer versions 2.0 and 3.0-rc1. The 'filelog' parameter in 'content2-2.cgi' is used within backticks, allowing authenticated users to execute arbitrary commands as root.

Classification

Working Poc 100%

Attack Type

Rce

Complexity

Trivial

Reliability

Reliable

Target: ZEN Load Balancer 2.0 and 3.0-rc1

Auth required

Prerequisites: Valid credentials for the ZEN Load Balancer web interface · Network access to the target system

MITRE ATT&CK

T1203 - Exploitation for Client Execution T1059 - Command and Scripting Interpreter

devstral-2 · analyzed Feb 16, 2026 Full analysis →

metasploit WORKING POC EXCELLENT

by bcoles · rubypocunix

https://github.com/rapid7/metasploit-framework/blob/master/modules/exploits/linux/http/zen_load_balancer_exec.rb

View Code ZIP pw:eip

This Metasploit module exploits a command injection vulnerability in ZEN Load Balancer versions 2.0 and 3.0-rc1. The vulnerability arises from the use of user-controlled data from the 'filelog' parameter within backticks in the 'content2-2.cgi' file, allowing authenticated users to execute arbitrary commands as the root user.

Classification

Working Poc 100%

Attack Type

Rce

Complexity

Trivial

Reliability

Reliable

Target: ZEN Load Balancer 2.0 and 3.0-rc1

Auth required

Prerequisites: Valid credentials for the ZEN Load Balancer web interface · Network access to the target system

MITRE ATT&CK

T1202 - Indirect Command Execution T1059 - Command and Scripting Interpreter

devstral-2 · analyzed Feb 16, 2026 Full analysis →

References (5)

Core 5

Core References

Various Sources technical-description exploit

https://web.archive.org/web/20221203195056/https://itsecuritysolutions.org/2012-09-21-ZEN-Load-Balancer-v2.0-and-v3.0-rc1-multiple-vulnerabilities/

Various Sources product

https://web.archive.org/web/20111015031540/http://www.zenloadbalancer.com/

Various Sources exploit

https://raw.githubusercontent.com/rapid7/metasploit-framework/master/modules/exploits/linux/http/zen_load_balancer_exec.rb

Exploit, Third Party Advisory exploit

https://www.exploit-db.com/exploits/21849

Vendor Advisory third-party-advisory

https://www.fortiguard.com/encyclopedia/ips/33335/zen-load-balancer-filelog-command-execution

Scores

CVSS v4 9.4

EPSS 0.0245

EPSS Percentile 82.3%

CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:H/SI:H/SA:H

CISA SSVC

Vulnrichment

Exploitation poc

Automatable no

Technical Impact total

Details

CWE

CWE-78

Status published

Products (2)

ZEN Load Balancer/ZEN Load Balancer 2.0

ZEN Load Balancer/ZEN Load Balancer 3.0-rc1

Published Aug 11, 2025

Tracked Since Feb 18, 2026