CVE-2013-0140

McAfee ePolicy Orchestrator < 4.5.7 and 4.6.x < 4.6.6 - SQL Injection via Agent-Handler Component

Exploitation Summary

EIP tracks 1 public exploit for CVE-2013-0140. PoCs published by st3n.

AI-analyzed exploit summary: This exploit leverages CVE-2013-0140 (pre-auth SQL injection) and CVE-2013-0141 (pre-auth directory traversal) to register a rogue agent on McAfee ePolicy Orchestrator and perform various malicious actions, including RCE, credential theft, and database manipulation.

Description

SQL injection vulnerability in the Agent-Handler component in McAfee ePolicy Orchestrator (ePO) before 4.5.7 and 4.6.x before 4.6.6 allows remote attackers to execute arbitrary SQL commands via a crafted request over the Agent-Server communication channel.

Exploits (1)

exploitdb WORKING POC
by st3n · text · remote · windows
https://www.exploit-db.com/exploits/33071

Classification: Working PoC 95%
Attack Type: SQLi | RCE | Info Leak | Auth Bypass
Complexity: Moderate
Reliability: Reliable
Target: McAfee ePolicy Orchestrator 4.6.0-4.6.5
No auth needed
Prerequisites: Network access to target ePO server · Python environment with dependencies
devstral-2 · analyzed Feb 16, 2026

References (5)

Core References
US Government Resource third-party-advisory x_refsource_cert-vn
http://www.kb.cert.org/vuls/id/209131
Various Sources third-party-advisory x_refsource_cert
http://www.us-cert.gov/ncas/alerts/TA13-193A
Third Party Advisory, VDB Entry vdb-entry x_refsource_bid
http://www.securityfocus.com/bid/59500
Mailing List mailing-list x_refsource_fulldisc
http://seclists.org/fulldisclosure/2014/Apr/289

Scores

EPSS 0.0254
EPSS Percentile 83.0%

Details

CWE: CWE-89
Status: published
Products (19)
mcafee/epolicy_orchestrator 2.0
mcafee/epolicy_orchestrator 2.5 (2 CPE variants)
mcafee/epolicy_orchestrator 2.5.1
mcafee/epolicy_orchestrator 3.0 (2 CPE variants)
mcafee/epolicy_orchestrator 3.5.0
mcafee/epolicy_orchestrator 3.6.0
mcafee/epolicy_orchestrator 3.6.1
mcafee/epolicy_orchestrator 4.0
mcafee/epolicy_orchestrator 4.5.0
mcafee/epolicy_orchestrator 4.5.3
... and 9 more
Published May 01, 2013
Tracked Since Feb 18, 2026