CVE-2018-14009

CRITICAL

Codiad < 2.8.4 - Remote Code Execution

Title source: llm

Exploitation Summary

EIP tracks 3 public exploits for CVE-2018-14009. PoCs published by WangYihang, lolameroo, hidog123.

AI-analyzed exploit summary This exploit targets CVE-2018-14009 in Codiad 2.8.4, achieving authenticated remote code execution via command injection in the file search functionality. It supports both Windows (PowerShell) and Linux (Bash) payloads for reverse shell establishment.

Description

Codiad through 2.8.4 allows Remote Code Execution, a different vulnerability than CVE-2017-11366 and CVE-2017-15689.

Exploits (3)

exploitdb WORKING POC VERIFIED

by WangYihang · pythonwebappsmultiple

https://www.exploit-db.com/exploits/49705

View Code ZIP pw:eip

This exploit targets CVE-2018-14009 in Codiad 2.8.4, achieving authenticated remote code execution via command injection in the file search functionality. It supports both Windows (PowerShell) and Linux (Bash) payloads for reverse shell establishment.

Classification

Working Poc 100%

Attack Type

Rce

Complexity

Moderate

Reliability

Reliable

Target: Codiad 2.8.4

Auth required

Prerequisites: Valid credentials for Codiad · Network access to the target · Listener setup for reverse shell

MITRE ATT&CK

T1059 - Command and Scripting Interpreter T1190 - Exploit Public-Facing Application T1078 - Valid Accounts

devstral-2 · analyzed Feb 16, 2026 Full analysis →

nomisec WORKING POC

by lolameroo · poc

https://github.com/lolameroo/Codiad-CVE-2018-14009

View Code ZIP pw:eip

This repository contains a functional exploit for CVE-2018-14009, targeting Codiad 2.8.4. The exploit leverages command injection in the file search functionality to achieve remote code execution (RCE) on both Windows and Linux systems.

Classification

Working Poc 95%

Attack Type

Rce

Complexity

Moderate

Reliability

Reliable

Target: Codiad 2.8.4

Auth required

Prerequisites: Valid credentials for Codiad · Network access to the target · Writeable directories in Codiad

MITRE ATT&CK

T1190 - Exploit Public-Facing Application T1059 - Command and Scripting Interpreter T1203 - Exploitation for Client Execution

devstral-2 · analyzed Apr 27, 2026 Full analysis →

nomisec WORKING POC

by hidog123 · poc

https://github.com/hidog123/Codiad-CVE-2018-14009

View Code ZIP pw:eip

This exploit targets CVE-2018-14009 in Codiad 2.8.4, leveraging a command injection vulnerability in the file search functionality to achieve remote code execution (RCE). It supports both Windows (PowerShell) and Linux (Bash) payloads for reverse shell establishment.

Classification

Working Poc 95%

Attack Type

Rce

Complexity

Moderate

Reliability

Reliable

Target: Codiad 2.8.4

Auth required

Prerequisites: Valid credentials for Codiad · Network access to the target · Writeable directories in Codiad

MITRE ATT&CK

T1059 - Command and Scripting Interpreter T1190 - Exploit Public-Facing Application T1082 - System Information Discovery

devstral-2 · analyzed Feb 16, 2026 Full analysis →

References (3)

Core 3

Core References

Exploit, Third Party Advisory x_refsource_misc

https://github.com/WangYihang/Codiad-Remote-Code-Execute-Exploit

View Exploit ZIP pw:eip

Third Party Advisory x_refsource_misc

https://github.com/Codiad/Codiad/issues/1078

Exploit, Third Party Advisory, VDB Entry x_refsource_misc

http://packetstormsecurity.com/files/161944/Codiad-2.8.4-Remote-Code-Execution.html

Scores

CVSS v3 9.8

EPSS 0.5042

EPSS Percentile 97.9%

Attack Vector NETWORK

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

Details

CWE

CWE-20

Status published

Products (2)

codiad/codiad < 2.8.4

codiad/codiad 0Packagist

Published Jul 12, 2018

Tracked Since Feb 18, 2026