CVE-2012-3001

Mutiny Standard <4.5-1.12 - Command Injection

Title source: llm

Description

Mutiny Standard before 4.5-1.12 allows remote attackers to execute arbitrary commands via the network-interface menu, related to a "command injection vulnerability."

Exploits (2)

exploitdb WORKING POC VERIFIED

by Metasploit · rubyremotelinux

https://www.exploit-db.com/exploits/24888

View Code ZIP pw:eip

metasploit WORKING POC EXCELLENT

by Christopher Campbell, juan vazquez · rubypocunix

https://github.com/rapid7/metasploit-framework/blob/master/modules/exploits/multi/http/mutiny_subnetmask_exec.rb

View Code ZIP pw:eip

References (5)

[US Government Resource] http://www.kb.cert.org/vuls/id/841851

[Various Sources] http://www.mutiny.com/releasehistory.php

[Third Party Advisory, VDB Entry] http://www.securityfocus.com/bid/56165

[Third Party Advisory, VDB Entry] http://osvdb.org/86570

[Third Party Advisory] http://secunia.com/advisories/51094

Scores

EPSS 0.7065

EPSS Percentile 98.7%

Details

CWE

CWE-78

Status published

Products (5)

mutiny/standard 4.4-1.12

mutiny/standard 4.5-1.03

mutiny/standard 4.5-1.05

mutiny/standard 4.5-1.07

mutiny/standard < 4.5-1.10

Published Oct 22, 2012

Tracked Since Feb 18, 2026