Exploitation Summary
EIP tracks 1 public exploit for CVE-2014-9605. PoCs published by Anastasios Monachos.
AI-analyzed exploit summary: This exploit demonstrates an authentication bypass vulnerability in Netsweeper 4.0.8 via SQL injection using two single quotes in the login and password fields. It allows unauthorized admin access to perform actions like system backup, server restart, and stopping filters.
Description
WebUpgrade in Netsweeper before 3.1.10, 4.0.x before 4.0.9, and 4.1.x before 4.1.2 allows remote attackers to bypass authentication and create a system backup tarball, restart the server, or stop the filters on the server via a ' (single quote) character in the login and password parameters to webupgrade/webupgrade.php. NOTE: this was originally reported as an SQL injection vulnerability, but this may be inaccurate.