CVE-2013-1892

MongoDB < 2.0.9 and 2.2.x < 2.2.4 - Authenticated Remote Code Execution via nativeHelper Function

Title source: llm
STIX 2.1

Exploitation Summary

EIP tracks 3 public exploits for CVE-2013-1892. PoCs published by agix, Metasploit, including Metasploit module exploits/linux/misc/mongod_native_helper.

AI-analyzed exploit summary This exploit leverages the nativeHelper.apply feature in MongoDB's Spidermonkey JavaScript engine to execute arbitrary shellcode. It constructs a malicious JavaScript payload that triggers remote code execution by exploiting improper input validation in the $where clause.

Description

MongoDB before 2.0.9 and 2.2.x before 2.2.4 does not properly validate requests to the nativeHelper function in SpiderMonkey, which allows remote authenticated users to cause a denial of service (invalid memory access and server crash) or execute arbitrary code via a crafted memory address in the first argument.

Exploits (3)

exploitdb WORKING POC VERIFIED
by agix · textremotelinux
https://www.exploit-db.com/exploits/24947

This exploit leverages the nativeHelper.apply feature in MongoDB's Spidermonkey JavaScript engine to execute arbitrary shellcode. It constructs a malicious JavaScript payload that triggers remote code execution by exploiting improper input validation in the $where clause.

Classification
Working Poc 90%
Attack Type
Rce
Complexity
Moderate
Reliability
Reliable
Target: MongoDB 2.2.3
No auth needed
Prerequisites: Access to a MongoDB instance with the vulnerable version · Ability to send crafted JavaScript payloads via the $where clause
devstral-2 · analyzed Feb 16, 2026 Full analysis →
exploitdb WORKING POC VERIFIED
by Metasploit · rubyremotelinux
https://www.exploit-db.com/exploits/24935

This Metasploit module exploits CVE-2013-1892 in MongoDB's nativeHelper.apply function to achieve remote code execution via heap spraying and ROP chain manipulation. It targets MongoDB 2.2.3 on Linux systems.

Classification
Working Poc 100%
Attack Type
Rce
Complexity
Complex
Reliability
Reliable
Target: MongoDB 2.2.3
Auth required
Prerequisites: Network access to MongoDB port (27017) · Valid credentials if authentication is enabled
devstral-2 · analyzed Feb 16, 2026 Full analysis →
metasploit WORKING POC NORMAL
by agix · rubypoclinux
https://github.com/rapid7/metasploit-framework/blob/master/modules/exploits/linux/misc/mongod_native_helper.rb

This Metasploit module exploits a remote code execution vulnerability in MongoDB's nativeHelper.apply function via a crafted JavaScript payload and ROP chain. It targets MongoDB 2.2.3 on Linux systems.

Classification
Working Poc 95%
Attack Type
Rce
Complexity
Complex
Reliability
Reliable
Target: MongoDB 2.2.3
Auth required
Prerequisites: Network access to MongoDB port (27017) · Valid credentials if authentication is enabled · Target running MongoDB 2.2.3 on Linux
devstral-2 · analyzed Feb 16, 2026 Full analysis →

References (9)

Core 9
Core References
Vendor Advisory vendor-advisory x_refsource_redhat
http://rhn.redhat.com/errata/RHSA-2013-1170.html
Exploit, Third Party Advisory exploit x_refsource_exploit-db
http://www.exploit-db.com/exploits/24947
Mailing List mailing-list x_refsource_mlist
http://www.openwall.com/lists/oss-security/2013/03/25/9
Mailing List, Third Party Advisory vendor-advisory x_refsource_fedora
http://lists.fedoraproject.org/pipermail/package-announce/2013-April/101630.html
Exploit, Third Party Advisory exploit x_refsource_exploit-db
http://www.exploit-db.com/exploits/24935
Various Sources x_refsource_confirm
https://jira.mongodb.org/browse/SERVER-9124
Vendor Advisory x_refsource_confirm
http://www.mongodb.org/about/alerts/
Mailing List, Third Party Advisory vendor-advisory x_refsource_fedora
http://lists.fedoraproject.org/pipermail/package-announce/2013-April/101679.html

Scores

EPSS 0.4454
EPSS Percentile 98.6%

Details

CWE
CWE-20
Status published
Products (18)
mongodb/mongodb 1.2.0
mongodb/mongodb 1.4.0
mongodb/mongodb 1.6.0
mongodb/mongodb 1.8.0
mongodb/mongodb 2.0.0
mongodb/mongodb 2.0.1
mongodb/mongodb 2.0.2
mongodb/mongodb 2.0.3
mongodb/mongodb 2.0.4
mongodb/mongodb 2.0.5
... and 8 more
Published Oct 01, 2013
Tracked Since Feb 18, 2026