CVE-2013-3502

GroundWork Monitor Enterprise 6.7.0 - Authenticated Remote Code Execution via monarch_scan.cgi

Exploitation Summary

EIP tracks 2 public exploits for CVE-2013-3502. PoCs published by Metasploit, Johannes Greil, juan vazquez, including Metasploit module exploits/linux/http/groundwork_monarch_cmd_exec.

AI-analyzed exploit summary: This Metasploit module exploits an OS command injection vulnerability in GroundWork 6.7.0's monarch_scan.cgi via the Perl qx function. It authenticates using JOSSO, then injects commands through URI-encoded arguments.

Description

monarch_scan.cgi in the MONARCH component in GroundWork Monitor Enterprise 6.7.0 allows remote authenticated users to execute arbitrary commands, and consequently obtain sensitive information, by leveraging a JOSSO SSO cookie.

Exploits (2)

exploitdb WORKING POC VERIFIED
by Metasploit · ruby · remote · linux
https://www.exploit-db.com/exploits/25001

This Metasploit module exploits an OS command injection vulnerability in GroundWork 6.7.0's monarch_scan.cgi via the Perl qx function. It authenticates using JOSSO, then injects commands through URI-encoded arguments.

Classification: Working PoC 100%
Attack Type: RCE
Complexity: Moderate
Reliability: Reliable
Target: GroundWork 6.7.0
Auth required
Prerequisites: Valid GroundWork credentials · Network access to the target
devstral-2 · analyzed Feb 16, 2026
metasploit WORKING POC EXCELLENT
by Johannes Greil, juan vazquez · ruby · poc
https://github.com/rapid7/metasploit-framework/blob/master/modules/exploits/linux/http/groundwork_monarch_cmd_exec.rb

This Metasploit module exploits a command injection vulnerability in GroundWork 6.7.0's monarch_scan.cgi, allowing authenticated remote code execution via the Perl qx function. It authenticates using JOSSO, then injects commands through URI-encoded arguments.

Classification: Working PoC 100%
Attack Type: RCE
Complexity: Moderate
Reliability: Reliable
Target: GroundWork 6.7.0
Auth required
Prerequisites: Valid GroundWork credentials · Network access to the target
devstral-2 · analyzed Feb 16, 2026

Scores

EPSS 0.5371
EPSS Percentile 98.9%

Details

CWE: CWE-255
Status: published
Products (1)
gwos/groundwork_monitor 6.7.0
Published May 08, 2013
Tracked Since Feb 18, 2026