CVE-2012-10039

CRITICAL

ZEN Load Balancer <3.0-rc1 - Command Injection

Description

ZEN Load Balancer versions 2.0 and 3.0-rc1 contain a command injection vulnerability in content2-2.cgi. The filelog parameter is passed directly into a backtick-delimited exec() call without sanitization. An authenticated attacker can inject arbitrary shell commands, resulting in remote code execution as the root user. ZEN Load Balancer is the predecessor of ZEVENET and SKUDONET. The affected versions (2.0 and 3.0-rc1) are no longer supported. SKUDONET CE is the current community-maintained successor.

Exploits (2)

exploitdb · working PoC · verified
by Metasploit · ruby · remote · unix
https://www.exploit-db.com/exploits/21849

metasploit · working PoC · excellent
by bcoles · ruby · poc · unix
https://github.com/rapid7/metasploit-framework/blob/master/modules/exploits/linux/http/zen_load_balancer_exec.rb

Scores

CVSS v4 9.4
EPSS 0.4785
EPSS Percentile 97.7%
CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:H/SI:H/SA:H

CISA SSVC

Vulnrichment
Exploitation poc
Automatable no
Technical Impact total

Details

CWE
CWE-78
Status published
Products (2)
ZEN Load Balancer/ZEN Load Balancer 2.0
ZEN Load Balancer/ZEN Load Balancer 3.0-rc1
Published Aug 11, 2025
Tracked Since Feb 18, 2026