CVE-2014-5470

CRITICAL

Actual Analyzer <2014-08-29 - Code Injection

Title source: llm

Exploitation Summary

EIP tracks 2 public exploits for CVE-2014-5470. PoCs published by Metasploit, Benjamin Harris, bcoles, including Metasploit module exploits/unix/webapp/actualanalyzer_ant_cookie_exec.

AI-analyzed exploit summary This Metasploit module exploits a command execution vulnerability in ActualAnalyzer <= 2.81 via the 'ant' cookie in 'aa.php'. It includes checks for version detection and host retrieval, and executes arbitrary commands via HTTP cookie injection.

Description

Actual Analyzer through 2014-08-29 allows code execution via shell metacharacters because untrusted input is used for part of the input data passed to an eval operation.

Exploits (2)

exploitdb WORKING POC VERIFIED

by Metasploit · rubyremoteunix

https://www.exploit-db.com/exploits/35549

View Code ZIP pw:eip

This Metasploit module exploits a command execution vulnerability in ActualAnalyzer <= 2.81 via the 'ant' cookie in 'aa.php'. It includes checks for version detection and host retrieval, and executes arbitrary commands via HTTP cookie injection.

Classification

Working Poc 95%

Attack Type

Rce

Complexity

Moderate

Reliability

Reliable

Target: ActualAnalyzer <= 2.81

No auth needed

Prerequisites: Network access to the target · ActualAnalyzer installation with vulnerable version

MITRE ATT&CK

T1190 - Exploit Public-Facing Application T1203 - Exploitation for Client Execution

devstral-2 · analyzed Feb 16, 2026 Full analysis →

metasploit WORKING POC EXCELLENT

by Benjamin Harris, bcoles · rubypocunix

https://github.com/rapid7/metasploit-framework/blob/master/modules/exploits/unix/webapp/actualanalyzer_ant_cookie_exec.rb

View Code ZIP pw:eip

This Metasploit module exploits a command execution vulnerability in ActualAnalyzer <= 2.81 via the 'ant' cookie in aa.php. It includes checks for version detection, host discovery, and payload delivery.

Classification

Working Poc 100%

Attack Type

Rce

Complexity

Moderate

Reliability

Reliable

Target: ActualAnalyzer <= 2.81

No auth needed

Prerequisites: Network access to the target · Target running ActualAnalyzer <= 2.81

MITRE ATT&CK

T1190 - Exploit Public-Facing Application T1203 - Exploitation for Client Execution

devstral-2 · analyzed Feb 16, 2026 Full analysis →

References (2)

Core 2

Core References

Various Sources

https://vulmon.com/exploitdetails?qidtp=exploitdb&qid=35549

Exploit, Third Party Advisory

https://www.exploit-db.com/exploits/35549

Scores

CVSS v3 9.8

EPSS 0.7805

EPSS Percentile 99.0%

Attack Vector NETWORK

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

CISA SSVC

Vulnrichment

Exploitation poc

Automatable yes

Technical Impact total

Details

CWE

CWE-77

Status published

Published Jun 21, 2024

Tracked Since Feb 18, 2026