CVE-2013-2088

Subversion < 1.6.23 - Authenticated Remote Code Execution via Shell Metacharacters in Filename

Title source: llm

Exploitation Summary

EIP tracks 1 public exploit for CVE-2013-2088. PoCs published by GlacierZ0ne.

AI-analyzed exploit summary: This exploit leverages a vulnerability in the `svn-keyword-check.pl` pre-commit hook script (CVE-2013-2088) to achieve remote code execution on a Subversion server. It requires a misconfigured hook script and authenticated access with commit privileges.

Description

contrib/hook-scripts/svn-keyword-check.pl in Subversion before 1.6.23 allows remote authenticated users with commit permissions to execute arbitrary commands via shell metacharacters in a filename.

Exploits (1)

exploitdb WORKING POC
by GlacierZ0ne · python · remote · linux
https://www.exploit-db.com/exploits/40507

Classification
Working PoC 95%
Attack Type: RCE
Complexity: Moderate
Reliability: Reliable
Target: Subversion (svn-keyword-check.pl before 1.6.23)
Auth required
Prerequisites: Subversion server with WebDAV via Apache · Pre-commit hook configured with vulnerable `svn-keyword-check.pl` · Authenticated user with commit privileges · Subversion client installed
devstral-2 · analyzed Feb 16, 2026

Scores

EPSS 0.3147
EPSS Percentile 98.1%

Details

CWE: CWE-20
Status: published
Products (24)
apache/subversion 1.6.0
apache/subversion 1.6.1
apache/subversion 1.6.2
apache/subversion 1.6.3
apache/subversion 1.6.4
apache/subversion 1.6.5
apache/subversion 1.6.6
apache/subversion 1.6.7
apache/subversion 1.6.8
apache/subversion 1.6.9
... and 14 more
Published Jul 31, 2013
Tracked Since Feb 18, 2026