CVE-2015-0935

Bomgar Remote Support < 14.3.2 - Remote Code Execution via PHP Deserialization

Title source: llm

Exploitation Summary

EIP tracks 1 public exploit for CVE-2015-0935. PoCs published by Markus Wulftange.

AI-analyzed exploit summary This Metasploit module exploits a PHP deserialization vulnerability in Bomgar Remote Support to achieve unauthenticated remote code execution by uploading and executing arbitrary PHP code via crafted serialized objects.

Description

Bomgar Remote Support before 15.1.1 allows remote attackers to execute arbitrary PHP code via crafted serialized data to unspecified PHP scripts.

Exploits (1)

exploitdb WORKING POC

by Markus Wulftange · rubyremotelinux

https://www.exploit-db.com/exploits/39958

View Code ZIP pw:eip

This Metasploit module exploits a PHP deserialization vulnerability in Bomgar Remote Support to achieve unauthenticated remote code execution by uploading and executing arbitrary PHP code via crafted serialized objects.

Classification

Working Poc 100%

Attack Type

Rce

Complexity

Moderate

Reliability

Reliable

Target: Bomgar Remote Support < 15.1.1

No auth needed

Prerequisites: Valid Logging Session ID (LSID) · Access to the target's session_complete endpoint

MITRE ATT&CK

T1189 - Drive-by Compromise T1068 - Exploitation for Privilege Escalation

devstral-2 · analyzed Feb 16, 2026 Full analysis →

References (3)

Core 3

Core References

Patch, Third Party Advisory, US Government Resource third-party-advisory x_refsource_cert-vn

http://www.kb.cert.org/vuls/id/978652

Third Party Advisory, VDB Entry vdb-entry x_refsource_bid

http://www.securityfocus.com/bid/74460

Exploit, Third Party Advisory exploit x_refsource_exploit-db

https://www.exploit-db.com/exploits/39958/

Scores

EPSS 0.0587

EPSS Percentile 92.2%

Details

CWE

CWE-94

Status published

Products (1)

bomgar/remote_support < 14.3.2

Published May 25, 2015

Tracked Since Feb 18, 2026