CVE-2013-2182

monkey-project/monkey < 1.4.0 - Remote Access Restriction Bypass via Crafted URI

Title source: llm
STIX 2.1

Exploitation Summary

EIP tracks 1 public exploit for CVE-2013-2182. PoCs published by felipensp.

AI-analyzed exploit summary The provided content lacks functional exploit code and instead references an external security advisory. It includes a vague URL example without technical details or proof-of-concept code, resembling a placeholder or lure.

Description

The Mandril security plugin in Monkey HTTP Daemon (monkeyd) before 1.5.0 allows remote attackers to bypass access restrictions via a crafted URI, as demonstrated by an encoded forward slash.

Exploits (1)

exploitdb SUSPICIOUS VERIFIED
by felipensp · textremotemultiple
https://www.exploit-db.com/exploits/38587

The provided content lacks functional exploit code and instead references an external security advisory. It includes a vague URL example without technical details or proof-of-concept code, resembling a placeholder or lure.

Classification
Suspicious 90%
Attack Type
Auth Bypass
Complexity
Theoretical
Reliability
Theoretical
Target: Mandril Security plugin for Monkey HTTP Daemon
No auth needed
Prerequisites: Access to the target web server
devstral-2 · analyzed Feb 18, 2026 Full analysis →

References (7)

Core 7
Core References
Third Party Advisory, VDB Entry vdb-entry x_refsource_bid
http://www.securityfocus.com/bid/60569
Various Sources x_refsource_confirm
http://bugs.monkey-project.com/ticket/186
Third Party Advisory, VDB Entry vdb-entry x_refsource_osvdb
http://osvdb.org/94287
Third Party Advisory third-party-advisory x_refsource_secunia
http://secunia.com/advisories/53638
Mailing List mailing-list x_refsource_mlist
http://www.openwall.com/lists/oss-security/2013/06/14/11
Exploit x_refsource_confirm
https://github.com/monkey/monkey/issues/92

Scores

EPSS 0.0559
EPSS Percentile 91.9%

Details

CWE
CWE-264
Status published
Products (1)
monkey-project/monkey < 1.4.0
Published Jun 13, 2014
Tracked Since Feb 18, 2026