CVE-2013-4094

Imperva Securesphere - Improper Input Validation

Title source: rule

Description

The Key Management feature in the SecureSphere Operations Manager (SOM) Management Server in Imperva SecureSphere 9.0.0.5 allows remote authenticated users to upload executable files via the (1) private_key or (2) public_key parameter in a T/keyManagement request to plain/settings.html, as demonstrated by uploading a Linux ELF file and a shell script.

Exploits (1)

exploitdb WRITEUP
webappsjsp
https://www.exploit-db.com/exploits/25977

References (2)

Scores

EPSS 0.0286
EPSS Percentile 86.3%

Details

CWE
CWE-20
Status published
Products (1)
imperva/securesphere 9.0.0.5
Published Jun 28, 2013
Tracked Since Feb 18, 2026