CVE-2013-3336
CVE-2013-3336
Vexday Risk Score
82Fix now
SSVC decision (CISA)
Act
Exploitation + impact → act immediately
Exploit maturity
Functional exploit
Automatable exploit available (Nuclei/Metasploit).
CVSS —EPSS 74.3%KEV nãoPoC públicaNuclei —Metasploit simPatch —
Lifecycle
07 May 2013Metasploit module available
08 May 2013Public PoC
09 May 2013Published on NVD
Recommendation: Patch as soon as possible — active exploitation confirmed.
Unspecified vulnerability in Adobe ColdFusion 9.0, 9.0.1, 9.0.2, and 10 allows remote attackers to read arbitrary files via unknown vectors.
Affected products
n/a · n/apublic PoCs found — 2
cve_referencewww.exploit-db.com/exploits/25305unverifiedexploitdbwww.exploit-db.com/exploits/25305unverified⚠ Public resources, to assess the exposure of systems you control or are authorized to test. Test only with authorization.