CyberSec.Space Logo
Back to CVE Browser

CVE-2009-4646

CRITICAL
9.0
CVSS Severity Score
EPSS Score0.0070%
EPSS Percentile3.02th
PublishedFeb 19, 2010
Last ModifiedApr 29, 2026

Vulnerability Description

Static code injection vulnerability in the administrative web interface in Accellion Secure File Transfer Appliance allows remote authenticated administrators to inject arbitrary shell commands by appending them to a request to update the SNMP public community string.

Affected Platforms (CPE)

πŸ”Œ
Accellion

Secure File Transfer Appliance

All versions

References & Advisories

πŸ”— http://secunia.com/advisories/38538
πŸ”— http://www.portcullis-security.com/339.php
πŸ”— http://secunia.com/advisories/38538
πŸ”— http://www.portcullis-security.com/339.php

Related Vulnerabilities

CVE-2009-46449.0

Accellion Secure File Transfer Appliance before 8_0_105 allows remote authenticated administrators to bypass the restricted shell ...

CVE-2018-14538.8

IBM Security Identity Manager Virtual Appliance 7.0 allows an authenticated attacker to upload or transfer files of dangerous type...

CVE-2009-46457.8

Directory traversal vulnerability in web_client_user_guide.html in Accellion Secure File Transfer Appliance before 8_0_105 allows ...

CVE-2009-46487.2

Accellion Secure File Transfer Appliance before 8_0_105 does not properly restrict access to sensitive commands and arguments that...