CVE-2013-10037

CRITICAL

WebTester 5.x - Unauthenticated OS Command Injection via install2.php Parameters

Title source: llm

Exploitation Summary

EIP tracks 2 public exploits for CVE-2013-10037. PoCs published by Metasploit, bcoles, including Metasploit module exploits/unix/webapp/webtester_exec.

AI-analyzed exploit summary This Metasploit module exploits a command execution vulnerability in WebTester 5.x via unauthenticated command injection in the 'install2.php' file's 'cpusername', 'cppassword', and 'cpdomain' parameters. It sends a crafted POST request with the payload embedded in one of these parameters, achieving remote code execution.

Description

An OS command injection vulnerability exists in WebTester version 5.x via the install2.php installation script. The parameters cpusername, cppassword, and cpdomain are passed directly to shell commands without sanitization. A remote unauthenticated attacker can exploit this flaw by sending a crafted HTTP POST request, resulting in arbitrary command execution on the underlying system with web server privileges.

Exploits (2)

exploitdb WORKING POC VERIFIED

by Metasploit · rubyremoteunix

https://www.exploit-db.com/exploits/29132

View Code ZIP pw:eip

This Metasploit module exploits a command execution vulnerability in WebTester 5.x via unauthenticated command injection in the 'install2.php' file's 'cpusername', 'cppassword', and 'cpdomain' parameters. It sends a crafted POST request with the payload embedded in one of these parameters, achieving remote code execution.

Classification

Working Poc 100%

Attack Type

Rce

Complexity

Trivial

Reliability

Reliable

Target: WebTester version 5.x

No auth needed

Prerequisites: Network access to the target WebTester installation · The 'install2.php' file must be accessible

MITRE ATT&CK

T1190 - Exploit Public-Facing Application T1203 - Exploitation for Client Execution

devstral-2 · analyzed Feb 18, 2026 Full analysis →

metasploit WORKING POC EXCELLENT

by bcoles · rubypocunix

https://github.com/rapid7/metasploit-framework/blob/master/modules/exploits/unix/webapp/webtester_exec.rb

View Code ZIP pw:eip

This Metasploit module exploits a command execution vulnerability in WebTester 5.x via unauthenticated command injection in the 'install2.php' file's parameters. It sends a payload through POST variables to achieve remote code execution.

Classification

Working Poc 95%

Attack Type

Rce

Complexity

Trivial

Reliability

Reliable

Target: WebTester version 5.x

No auth needed

Prerequisites: Network access to the target · WebTester 5.x installed with 'install2.php' accessible

MITRE ATT&CK

T1190 - Exploit Public-Facing Application T1203 - Exploitation for Client Execution

devstral-2 · analyzed Feb 16, 2026 Full analysis →

References (5)

Core 5

Core References

Various Sources third-party-advisory

https://advisories.checkpoint.com/defense/advisories/public/2014/cpai-2014-1620.html

Various Sources exploit

https://raw.githubusercontent.com/rapid7/metasploit-framework/master/modules/exploits/unix/webapp/webtester_exec.rb

Product issue-tracking

https://sourceforge.net/p/webtesteronline/bugs/3/

Exploit, Third Party Advisory exploit

https://www.exploit-db.com/exploits/29132

Third Party Advisory third-party-advisory

https://www.vulncheck.com/advisories/webtester-unauth-command-execution

Scores

CVSS v4 9.3

EPSS 0.0986

EPSS Percentile 95.0%

CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X

CISA SSVC

Vulnrichment

Exploitation poc

Automatable yes

Technical Impact total

Details

CWE

CWE-78

Status published

Products (2)

Eppler Software/WebTester 5.0

Eppler Software/WebTester 5.x

Published Jul 31, 2025

Tracked Since Feb 18, 2026