CVE-2021-32305

CRITICAL · EXPLOITED IN THE WILD · NUCLEI

WebSVN < 2.6.1 - Remote Code Execution via Search Parameter


Exploitation Summary

CVE-2021-32305 has been observed exploited in the wild (reported by VulnCheck KEV and InTheWild.io). EIP tracks 2 public exploits, from researchers g0ldm45k and FredBrave. A Nuclei detection template is also available.

Description

WebSVN before 2.6.1 allows remote attackers to execute arbitrary commands via shell metacharacters in the search parameter.

Exploits (2)

exploitdb WORKING POC VERIFIED
by g0ldm45k · python · webapps · php
https://www.exploit-db.com/exploits/50042

This exploit targets an unauthenticated remote code execution vulnerability in WebSVN 2.6.0 by injecting a command into the search parameter, which executes a reverse shell payload. The payload is URL-encoded and sent via a GET request to the vulnerable endpoint.

Classification: Working PoC 95%
Attack Type: RCE
Complexity: Trivial
Reliability: Reliable
Target: WebSVN 2.6.0
No auth needed
Prerequisites: Target must be running WebSVN 2.6.0 · Attacker must have network access to the target · Attacker must have a listener set up for the reverse shell
devstral-2 · analyzed Feb 16, 2026

nomisec WORKING POC 1 star
by FredBrave · remote
https://github.com/FredBrave/CVE-2021-32305-websvn-2.6.0

This repository contains a functional exploit for CVE-2021-32305, a command injection vulnerability in WebSVN 2.6.0. The exploit leverages an unauthenticated command injection flaw in the search.php endpoint by injecting a payload via the search parameter.

Classification: Working PoC 95%
Attack Type: RCE
Complexity: Trivial
Reliability: Reliable
Target: WebSVN 2.6.0
No auth needed
Prerequisites: Target must be running WebSVN 2.6.0 · Network access to the target's search.php endpoint
devstral-2 · analyzed Feb 18, 2026

Nuclei Templates (1)

Websvn <2.6.1 - Remote Code Execution
CRITICAL · by gy741

References (2)

Core References
Issue Tracking, Patch, Third Party Advisory x_refsource_misc
https://github.com/websvnphp/websvn/pull/142
Exploit, Third Party Advisory, VDB Entry x_refsource_misc
http://packetstormsecurity.com/files/163225/Websvn-2.6.0-Remote-Code-Execution.html

Scores

CVSS v3 9.8
EPSS 0.8672
EPSS Percentile 99.7%
Attack Vector NETWORK
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

Details

VulnCheck KEV 2021-08-30
InTheWild.io 2021-04-12
CWE CWE-78
Status published
Products (1)
websvn/websvn < 2.6.1
Published May 18, 2021
Tracked Since Feb 18, 2026