CVE-2012-3363

CRITICAL

Zend Framework 1.x < 1.11.12 and 1.12.x < 1.12.0 - XML External Entity Injection via XML-RPC Request

Title source: llm

Exploitation Summary

EIP tracks 1 public exploit for CVE-2012-3363. PoCs published by SEC Consult.

AI-analyzed exploit summary: This advisory details an XML External Entity (XXE) injection vulnerability in Zend Framework's XmlRpc package, allowing arbitrary file disclosure via crafted XML-RPC requests. The issue stems from insecure use of SimpleXMLElement without disabling external entities.

Description

Zend_XmlRpc in Zend Framework 1.x before 1.11.12 and 1.12.x before 1.12.0 does not properly handle SimpleXMLElement classes, which allows remote attackers to read arbitrary files or create TCP connections via an external entity reference in a DOCTYPE element in an XML-RPC request, aka an XML external entity (XXE) injection attack.
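The description above names the root cause, a request body handed to SimpleXMLElement while external entities are still resolved, but not what that looks like in code. The PHP below is an added example written for this page, not Zend Framework code and not the project's actual patch: it pairs a minimal XML-RPC parameter extractor that reproduces the XXE pattern with a hardened variant that rejects any DOCTYPE and turns the libxml entity loader off. The method name demo.echo, the helper function names and the two request bodies are constructed for illustration.

```php
<?php
// Added example for CVE-2012-3363; not Zend Framework code.
// Shows the XXE pattern (XML-RPC body parsed by SimpleXMLElement with
// external entities resolved) beside a hardened parser.

// Constructed attacker request. The DOCTYPE declares an external entity
// pointing at a local file; when the parser expands &xxe; inside <string>,
// the file contents become the parameter value and are echoed back to the
// caller (the "read arbitrary files" outcome). A http:// SYSTEM URI would
// instead produce the outbound TCP connection the description mentions.
$maliciousRequest = <<<'XML'
<?xml version="1.0"?>
<!DOCTYPE methodCall [
  <!ENTITY xxe SYSTEM "file:///etc/passwd">
]>
<methodCall>
  <methodName>demo.echo</methodName>
  <params>
    <param><value><string>&xxe;</string></value></param>
  </params>
</methodCall>
XML;

// Constructed benign request (no DOCTYPE) to show the hardened path still works.
$benignRequest = <<<'XML'
<?xml version="1.0"?>
<methodCall>
  <methodName>demo.echo</methodName>
  <params>
    <param><value><string>hello</string></value></param>
  </params>
</methodCall>
XML;

// Vulnerable pattern: the body goes straight into SimpleXMLElement and the
// first <string> param is read back. The 2012-era code needed no flag at all,
// because PHP 5 / libxml of the day fetched external entities by default;
// LIBXML_NOENT makes that substitution explicit on any PHP version.
// (PHP 8.0 disables external entity loading by default, which is why
// LIBXML_NOENT is the remaining footgun there.)
function firstParamVulnerable(string $xml): string
{
    $doc = new SimpleXMLElement($xml, LIBXML_NOENT);
    return (string) $doc->params->param->value->string;
}

// Hardened pattern. XML-RPC has no legitimate use for a DOCTYPE, so reject it
// before libxml parses anything; then parse with the entity loader disabled
// (pre-8.0) and LIBXML_NONET so no file or network fetch can happen even if
// a DOCTYPE somehow got past the string check.
function firstParamHardened(string $xml): string
{
    if (preg_match('/<!DOCTYPE/i', $xml) === 1) {
        throw new RuntimeException('Invalid XML: DOCTYPE is not permitted in XML-RPC requests');
    }
    $restore = null;
    if (PHP_VERSION_ID < 80000) {
        // Remember the previous loader state so we can put it back afterwards.
        $restore = libxml_disable_entity_loader(true);
    }
    try {
        $doc = new SimpleXMLElement($xml, LIBXML_NONET);
        return (string) $doc->params->param->value->string;
    } finally {
        if ($restore !== null) {
            libxml_disable_entity_loader($restore);
        }
    }
}

// Demo: the vulnerable parser leaks the start of the target file on a build
// that resolves external entities; the hardened parser rejects the malicious
// request and returns "hello" for the benign one.
foreach (['firstParamVulnerable', 'firstParamHardened'] as $parser) {
    foreach (['malicious' => $maliciousRequest, 'benign' => $benignRequest] as $label => $request) {
        try {
            printf("%s/%s: %s\n", $parser, $label, substr($parser($request), 0, 40));
        } catch (Throwable $e) {
            printf("%s/%s: rejected (%s)\n", $parser, $label, $e->getMessage());
        }
    }
}
```

The DOCTYPE check is the control that matters for an XML-RPC endpoint: disabling the entity loader only blocks external entities, while refusing the DOCTYPE outright also removes internal-entity tricks (entity expansion) and does not depend on which PHP or libxml version the server happens to run.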

Exploits (1)

exploitdb WRITEUP
by SEC Consult · text · webapps · php
https://www.exploit-db.com/exploits/19408

Classification
Writeup 100%
Attack Type
Info Leak
Complexity
Trivial
Reliability
Reliable
Target: Zend Framework (1.11.11, 1.12.0 RC1, 2.0.0 beta4 and earlier)
No auth needed
Prerequisites: Access to a vulnerable Zend Framework XmlRpc server
devstral-2 · analyzed Feb 18, 2026

References (12)

Core References
Third Party Advisory x_refsource_confirm
https://moodle.org/mod/forum/discuss.php?d=225345
Mailing List mailing-list x_refsource_mlist
http://www.openwall.com/lists/oss-security/2012/06/27/2
Mailing List vendor-advisory x_refsource_debian
http://www.debian.org/security/2012/dsa-2505
Mailing List mailing-list x_refsource_mlist
http://www.openwall.com/lists/oss-security/2012/06/26/4
Mailing List mailing-list x_refsource_mlist
http://www.openwall.com/lists/oss-security/2012/06/26/2
Mailing List mailing-list x_refsource_mlist
http://openwall.com/lists/oss-security/2013/03/25/2
Broken Link, Third Party Advisory, VDB Entry vdb-entry x_refsource_sectrack
http://www.securitytracker.com/id?1027208
Vendor Advisory x_refsource_confirm
http://framework.zend.com/security/advisory/ZF2012-01

Scores

CVSS v3 9.1
EPSS 0.5512
EPSS Percentile 98.1%
Attack Vector NETWORK
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N

CISA SSVC

Vulnrichment
Exploitation none
Automatable yes
Technical Impact total

Details

CWE
CWE-611
Status published
Products (6)
debian/debian_linux 6.0
fedoraproject/fedora 17
fedoraproject/fedora 18
zend/zend_framework 1.12.0 rc1 (4 CPE variants)
zend/zend_framework 1.0.0 - 1.11.12
zendframework/zendframework1 1.0.0 - 1.11.12 (Packagist)
Published Feb 13, 2013
Tracked Since Feb 18, 2026