CVE-2013-4096

DS3 Authentication Server - Authenticated Remote Code Execution via HOST_NAME Field

Title source: llm

Exploitation Summary

EIP tracks 1 public exploit for CVE-2013-4096.

AI-analyzed exploit summary This advisory details multiple vulnerabilities in DS3 Authentication Server, including a post-authentication command execution flaw via unsanitized input in TestTelnetConnection.jsp, a physical path disclosure in TestDRConnection.jsp, and a user-controllable error message issue. The document provides technical descriptions, HTTP request examples, and server responses.

Description

ServerAdmin/TestTelnetConnection.jsp in DS3 Authentication Server allows remote authenticated users to execute arbitrary commands via shell metacharacters in the HOST_NAME field.

Exploits (1)

exploitdb WRITEUP

webappshardware

https://www.exploit-db.com/exploits/25976

View Code ZIP pw:eip

This advisory details multiple vulnerabilities in DS3 Authentication Server, including a post-authentication command execution flaw via unsanitized input in TestTelnetConnection.jsp, a physical path disclosure in TestDRConnection.jsp, and a user-controllable error message issue. The document provides technical descriptions, HTTP request examples, and server responses.

Classification

Writeup 95%

Attack Type

Rce | Info Leak

Complexity

Trivial

Reliability

Reliable

Target: DS3 Authentication Server (unknown version)

Auth required

Prerequisites: Access to the ServerAdmin interface · Valid session cookie (JSESSIONID)

MITRE ATT&CK

T1202 - Indirect Command Execution T1110 - Brute Force

devstral-2 · analyzed Feb 19, 2026 Full analysis →

References (2)

Core 2

Core References

Various Sources x_refsource_misc

http://www.digitalsec.net/stuff/explt+advs/DS3.AuthServer.txt

Exploit, Third Party Advisory x_refsource_misc

http://packetstormsecurity.com/files/121862/DS3-Authentication-Server-Command-Execution.html

Scores

EPSS 0.0935

EPSS Percentile 94.8%

Details

CWE

CWE-20

Status published

Products (1)

ds3/authentication_server

Published Jun 28, 2013

Tracked Since Feb 18, 2026