CVE-2018-9021

CRITICAL

Broadcom Privileged Access Manager < 2.8.2 - Authentication Bypass and Remote Command Execution

Title source: llm

Exploitation Summary

EIP tracks 1 public exploit for CVE-2018-9021.

AI-analyzed exploit summary

This exploit leverages a command injection vulnerability in Broadcom CA Privileged Access Manager 2.8.2 via the 'AD_IMPORT' parameter in 'ajax_cmd.php'. It chains SQL injection with command execution to achieve remote code execution (RCE) by manipulating the 'ssl_vpn_network' configuration value in the database.

Description

An authentication bypass vulnerability in CA Privileged Access Manager 2.8.2 and earlier allows remote attackers to execute arbitrary commands with specially crafted requests.

Exploits (1)

exploitdb · WORKING POC
python · webapps · windows
https://www.exploit-db.com/exploits/47748

Classification: Working PoC 95%
Attack Type: RCE
Complexity: Moderate
Reliability: Reliable
Target: Broadcom CA Privileged Access Manager 2.8.2
No auth needed
Prerequisites: Network access to the target · Target must be running Broadcom CA Privileged Access Manager 2.8.2
devstral-2 · analyzed Feb 19, 2026

Scores

CVSS v3: 9.8
EPSS: 0.1938
EPSS Percentile: 97.0%
Attack Vector: NETWORK
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

Details

CWE: CWE-269
Status: published
Products (1): broadcom/privileged_access_manager < 2.8.2
Published: Jun 18, 2018
Tracked Since: Feb 18, 2026