CVE-2014-125118

eScan 5.5-2 Web Management Console Command Injection

CVSS 9.4 CRITICALEPSS 3.3%CWE-306 CWE-78

Vexday Risk Score

63High priority

SSVC decision (CISA)

Attend

PoC available → attend closely

CVSS 9.4EPSS 3.3%KEV nãoPoC públicaNuclei —Metasploit simPatch —

Lifecycle

04 Apr 2014Metasploit module available

25 Jul 2025Published on NVD

Recommendation: Plan a near-term fix — a public PoC already exists.

A command injection vulnerability exists in the eScan Web Management Console version 5.5-2. The application fails to properly sanitize the 'pass' parameter when processing login requests to login.php, allowing an authenticated attacker with a valid username to inject arbitrary commands via a specially crafted password value. Successful exploitation results in remote code execution. Privilege escalation to root is possible by abusing the runasroot utility with mwconf-level privileges.

CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:H/SI:H/SA:H

Affected products

MicroWorld · eScan Web Management Console

public PoCs found — 2

cve_referenceraw.githubusercontent.com/rapid7/metasploit-framework/master/modules/exploits/linux/antivirus/escan_password_exec.rbunverified cve_referencewww.exploit-db.com/exploits/32869unverified

⚠ Public resources, to assess the exposure of systems you control or are authorized to test. Test only with authorization.

Want to know if your infrastructure is exposed to this?

Talk to TrueHacking →

References

https://raw.githubusercontent.com/rapid7/metasploit-framework/master/modules/exploits/linux/antivirus/escan_password_exec.rb https://www.exploit-db.com/exploits/32869 https://www.vulncheck.com/advisories/escan-web-management-console-command-injection