CVE-2015-1592

Movable Type <5.2.12 & <6.0.7 - Code Injection

Title source: llm

Exploitation Summary

EIP tracks 3 public exploits for CVE-2015-1592. PoCs were published by Metasploit, lightsey, and John Lightsey, including the Metasploit module exploits/unix/webapp/sixapart_movabletype_storable_exec.

AI-analyzed exploit summary: This Metasploit module exploits a Perl deserialization flaw in MovableType before 5.2.12 to execute arbitrary commands. It supports both nondestructive (requiring additional Perl modules) and destructive (corrupting the installation) attack methods.

Description

Movable Type Pro, Open Source, and Advanced before 5.2.12 and Pro and Advanced 6.0.x before 6.0.7 does not properly use the Perl Storable::thaw function, which allows remote attackers to include and execute arbitrary local Perl files and possibly execute arbitrary code via unspecified vectors.

Exploits (3)

exploitdb WORKING POC VERIFIED
by Metasploit · ruby · webapps · linux
https://www.exploit-db.com/exploits/41697

This Metasploit module exploits a Perl deserialization flaw in MovableType before 5.2.12 to execute arbitrary commands. It supports both nondestructive (requiring additional Perl modules) and destructive (corrupting the installation) attack methods.

Classification: Working PoC 100%
Attack Type: RCE
Complexity: Moderate
Reliability: Reliable
Target: SixApart MovableType < 5.2.12
No auth needed
Prerequisites: Target must have Perl's Storable module and either Object::MultiType/DateTime (nondestructive) or CGI (destructive)
devstral-2 · analyzed Feb 16, 2026

nomisec WORKING POC 6 stars
by lightsey · poc
https://github.com/lightsey/cve-2015-1592

This repository contains a Metasploit module and Perl scripts that exploit a Perl Storable deserialization vulnerability (CVE-2015-1592) in MovableType before 5.2.12. The exploit achieves remote code execution by leveraging Perl's object deserialization flaws, with both destructive and non-destructive methods.

Classification: Working PoC 95%
Attack Type: RCE
Complexity: Moderate
Reliability: Reliable
Target: SixApart MovableType < 5.2.12
No auth needed
Prerequisites: Perl Storable module · Object::MultiType and DateTime modules (for non-destructive mode)
devstral-2 · analyzed Feb 16, 2026

metasploit WORKING POC GOOD
by John Lightsey · ruby · poc
https://github.com/rapid7/metasploit-framework/blob/master/modules/exploits/unix/webapp/sixapart_movabletype_storable_exec.rb

This Metasploit module exploits a Perl deserialization flaw (CVE-2015-1592) in MovableType before 5.2.12 to achieve remote code execution. It supports both nondestructive (requiring additional Perl modules) and destructive (corrupting the installation) attack methods.

Classification: Working PoC 100%
Attack Type: RCE
Complexity: Moderate
Reliability: Reliable
Target: SixApart MovableType < 5.2.12
No auth needed
Prerequisites: Target must have MovableType installed with vulnerable version · Perl modules (Object::MultiType, DateTime) for nondestructive mode
devstral-2 · analyzed Feb 16, 2026

References (7)

Core References
Third Party Advisory vendor-advisory x_refsource_debian
https://www.debian.org/security/2015/dsa-3183
Third Party Advisory, VDB Entry vdb-entry x_refsource_sectrack
http://www.securitytracker.com/id/1031777
Mailing List, Third Party Advisory mailing-list x_refsource_mlist
http://www.openwall.com/lists/oss-security/2015/02/12/2
Third Party Advisory, VDB Entry vdb-entry x_refsource_xf
https://exchange.xforce.ibmcloud.com/vulnerabilities/100912
Third Party Advisory, VDB Entry vdb-entry x_refsource_bid
http://www.securityfocus.com/bid/72606
Mailing List, Third Party Advisory mailing-list x_refsource_mlist
http://www.openwall.com/lists/oss-security/2015/02/12/17

Scores

EPSS 0.7503
EPSS Percentile 99.4%

Details

CWE CWE-74
Status published
Products (2)
debian/debian_linux 7.0
sixapart/movable_type 5.2.0 - 5.2.12 (3 CPE variants)
Published Feb 19, 2015
Tracked Since Feb 18, 2026