CVE-2012-10041

CRITICAL EPSS 85.3%

Published Aug 8, 202510mo ago · Modified Jun 16, 20261w ago

9.3 CVSS 4.0

Critical

Published Aug 8, 2025 10mo ago

Last Modified Jun 16, 2026 1w ago

Description

WAN Emulator v2.3 contains two unauthenticated command execution vulnerabilities. The result.php script calls shell_exec() with unsanitized input from the pc POST parameter, allowing remote attackers to execute arbitrary commands as the www-data user. The system also includes a SUID-root binary named dosu, which is vulnerable to command injection via its first argument. An attacker can exploit both flaws in sequence to achieve full remote code execution and escalate privileges to root.

CVSS Details

Base Score

9.3

Exploitability

—

Impact

—

Vector string

CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X

Attack Vector Network

Attack Complexity Low

Privileges Required None

User Interaction None

Scope X

Threat Intelligence

EPSS Exploit Probability

85.3% percentile

Exploit & Patch Status

No Known Exploit

No Patch Available

Weaknesses 1

CWE-78 OS Command Injection Injection

References 4

raw.githubusercontent.com https://raw.githubusercontent.com/rapid7/metasploit-framework/master/modules/exploits/linux/http/wanem_exec.rb
sourceforge.net https://sourceforge.net/projects/wanem/
exploit-db.com https://www.exploit-db.com/exploits/21190
vulncheck.com https://www.vulncheck.com/advisories/wan-emulator-command-execution

Remediation

No remediation data recorded yet

Check vendor advisories and the NVD entry for patch availability.