CVE-2014-3805

AlienVault OSSIM < 4.7.0 - Remote Code Execution via av-centerd SOAP Service

Title source: llm

Exploitation Summary

EIP tracks 2 public exploits for CVE-2014-3805. PoCs published by Alfredo Ramirez, James Fitts.

AI-analyzed exploit summary This exploit leverages a command injection vulnerability in AlienVault OSSIM's av-centerd service via the SOAP API. The 'get_log_line' function is abused to append arbitrary commands (e.g., 'id') to log file requests, achieving remote code execution.

Description

The av-centerd SOAP service in AlienVault OSSIM before 4.7.0 allows remote attackers to execute arbitrary commands via a crafted (1) get_license, (2) get_log_line, or (3) update_system/upgrade_pro_web request, a different vulnerability than CVE-2014-3804.

Exploits (2)

exploitdb WORKING POC VERIFIED

by Alfredo Ramirez · perlremotelinux

https://www.exploit-db.com/exploits/33805

View Code ZIP pw:eip

This exploit leverages a command injection vulnerability in AlienVault OSSIM's av-centerd service via the SOAP API. The 'get_log_line' function is abused to append arbitrary commands (e.g., 'id') to log file requests, achieving remote code execution.

Classification

Working Poc 95%

Attack Type

Rce

Complexity

Trivial

Reliability

Reliable

Target: AlienVault OSSIM < 4.7.0

No auth needed

Prerequisites: Network access to the target's av-centerd SOAP service (port 40007) · SSL/TLS bypass for self-signed certificate

MITRE ATT&CK

T1190 - Exploit Public-Facing Application T1059 - Command and Scripting Interpreter

devstral-2 · analyzed Feb 16, 2026 Full analysis →

exploitdb WORKING POC

by James Fitts · rubyremotelinux

https://www.exploit-db.com/exploits/42709

View Code ZIP pw:eip

This Metasploit module exploits a command injection vulnerability in AlienVault OSSIM's av-centerd service via the get_log_line function. The exploit crafts a malicious SOAP request to inject a Perl payload, achieving remote code execution.

Classification

Working Poc 100%

Attack Type

Rce

Complexity

Moderate

Reliability

Reliable

Target: AlienVault OSSIM <= 4.7.0

No auth needed

Prerequisites: Network access to the target's av-centerd service (port 40007) · Target running a vulnerable version of AlienVault OSSIM

MITRE ATT&CK

T1190 - Exploit Public-Facing Application T1059 - Command and Scripting Interpreter

devstral-2 · analyzed Feb 16, 2026 Full analysis →

References (5)

Core 5

Core References

Exploit, Third Party Advisory exploit x_refsource_exploit-db

https://www.exploit-db.com/exploits/42709/

Vendor Advisory x_refsource_confirm

http://forums.alienvault.com/discussion/2690

Third Party Advisory x_refsource_misc

http://zerodayinitiative.com/advisories/ZDI-14-199/

Third Party Advisory x_refsource_misc

http://zerodayinitiative.com/advisories/ZDI-14-204/

Third Party Advisory x_refsource_misc

http://zerodayinitiative.com/advisories/ZDI-14-198/

Scores

EPSS 0.3650

EPSS Percentile 97.2%

Details

CWE

CWE-94

Status published

Products (17)

alienvault/open_source_security_information_management 4.0

alienvault/open_source_security_information_management 4.0.3

alienvault/open_source_security_information_management 4.0.4

alienvault/open_source_security_information_management 4.1

alienvault/open_source_security_information_management 4.1.2

alienvault/open_source_security_information_management 4.1.3

alienvault/open_source_security_information_management 4.2

alienvault/open_source_security_information_management 4.2.2

alienvault/open_source_security_information_management 4.2.3

alienvault/open_source_security_information_management 4.3

... and 7 more

Published Jun 13, 2014

Tracked Since Feb 18, 2026