CVE-2020-7209

CRITICAL EXPLOITED IN THE WILD NUCLEI

HP LinuxKI < 6.0-2 - Remote Code Execution

Title source: llm

Exploitation Summary

CVE-2020-7209 has been observed exploited in the wild (reported by VulnCheck KEV, InTheWild.io). EIP tracks 2 public exploits from researchers including Cody Winkler, Cody Winkler, numan türle, including a Metasploit module exploits/linux/http/linuxki_rce. A Nuclei detection template is also available.

AI-analyzed exploit summary This Python script exploits a command injection vulnerability in HP LinuxKI <= 6.0-1 by injecting arbitrary commands into the 'pid' parameter of the 'kivis.php' endpoint. The script sends a crafted HTTP GET request and extracts the command output from the response.

Description

LinuxKI v6.0-1 and earlier is vulnerable to an remote code execution which is resolved in release 6.0-2.

Exploits (2)

exploitdb WORKING POC

by Cody Winkler · textremotemultiple

https://www.exploit-db.com/exploits/48483

View Code ZIP pw:eip

This Python script exploits a command injection vulnerability in HP LinuxKI <= 6.0-1 by injecting arbitrary commands into the 'pid' parameter of the 'kivis.php' endpoint. The script sends a crafted HTTP GET request and extracts the command output from the response.

Classification

Working Poc 100%

Attack Type

Rce

Complexity

Trivial

Reliability

Reliable

Target: HP LinuxKI <= 6.0-1

No auth needed

Prerequisites: Network access to the target server · Target running HP LinuxKI <= 6.0-1

MITRE ATT&CK

T1190 - Exploit Public-Facing Application T1059 - Command and Scripting Interpreter

devstral-2 · analyzed Feb 18, 2026 Full analysis →

metasploit WORKING POC EXCELLENT

by Cody Winkler, numan türle · rubypocphp

https://github.com/rapid7/metasploit-framework/blob/master/modules/exploits/linux/http/linuxki_rce.rb

View Code ZIP pw:eip

This Metasploit module exploits a command injection vulnerability in LinuxKI Toolset <= 6.01 via the 'pid' parameter in kivis.php, allowing remote code execution. It supports multiple payload types including PHP and Unix memory execution, as well as droppers.

Classification

Working Poc 100%

Attack Type

Rce

Complexity

Trivial

Reliability

Reliable

Target: LinuxKI Toolset <= 6.01

No auth needed

Prerequisites: Network access to the target web application · LinuxKI Toolset <= 6.01 with exposed kivis.php endpoint

MITRE ATT&CK

T1190 - Exploit Public-Facing Application T1059 - Command and Scripting Interpreter

devstral-2 · analyzed Feb 16, 2026 Full analysis →

Nuclei Templates (1)

LinuxKI Toolset <= 6.01 - Remote Command Execution

CRITICALby dwisiswant0

References (3)

Core 3

Core References

Third Party Advisory x_refsource_misc

https://github.com/HewlettPackard/LinuxKI/releases/tag/v6.0-2

Exploit, Third Party Advisory, VDB Entry x_refsource_misc

http://packetstormsecurity.com/files/157739/HP-LinuxKI-6.01-Remote-Command-Injection.html

Exploit, Third Party Advisory, VDB Entry x_refsource_misc

http://packetstormsecurity.com/files/158025/LinuxKI-Toolset-6.01-Remote-Command-Execution.html

Scores

CVSS v3 9.8

EPSS 0.9885

EPSS Percentile 99.9%

Attack Vector NETWORK

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

Details

VulnCheck KEV 2022-12-21

InTheWild.io 2022-12-21

Status published

Products (1)

hp/linuxki < 6.0-2

Published Feb 13, 2020

Tracked Since Feb 18, 2026