| CVSS Meta Temp Score | Current Exploit Price (≈) | CTI Interest Score |
|---|---|---|
| 9.6 | $0-$5k | 0.00 |
Summary
A vulnerability categorized as critical has been discovered in Adobe RoboHelp Server up to 8. Affected by this issue is some unknown functionality of the component Web Directory. Such manipulation leads to access control. This vulnerability is referenced as CVE-2009-3068. Furthermore, an exploit is available.
Details
A vulnerability was found in Adobe RoboHelp Server up to 8 and classified as very critical. Affected by this issue is an unknown functionality of the component Web Directory. The manipulation with an unknown input leads to a access control vulnerability. Using CWE to declare the problem leads to CWE-264. Impacted is confidentiality, integrity, and availability. CVE summarizes:
Unrestricted file upload vulnerability in the RoboHelpServer Servlet (robohelp/server) in Adobe RoboHelp Server 8 allows remote attackers to execute arbitrary code by uploading a Java Archive (.jsp) file during a PUBLISH action, then accessing it via a direct request to the file in the robohelp/robo/reserved/web directory under its sessionid subdirectory, as demonstrated by the vd_adobe module in VulnDisco Pack Professional 8.7 through 8.11.
The weakness was published 09/04/2009 by Stephen Fewer with Harmony Security (Website). The advisory is shared for download at zerodayinitiative.com. This vulnerability is handled as CVE-2009-3068. The attack may be launched remotely. No form of authentication is required for exploitation. Technical details are unknown but a public exploit is available. The current price for an exploit might be approx. USD $0-$5k (estimation calculated on 03/01/2025). The MITRE ATT&CK project declares the attack technique as T1068.
The exploit is available at securityfocus.com. It is declared as highly functional. The vulnerability scanner Nessus provides a plugin with the ID 41946 (Adobe RoboHelp Server Security Bypass (APSA09-05)), which helps to determine the existence of the flaw in a target environment. It is assigned to the family CGI abuses. The commercial vulnerability scanner Qualys is able to test this issue with plugin 12300 (Adobe RoboHelp Server 8 Security Bypass Vulnerability (APSA09-05 and APSB09-14)).
There is no information about possible countermeasures known. It may be suggested to replace the affected object with an alternative product. Furthermore it is possible to detect and prevent this kind of attack with TippingPoint and the filter 8527.
The vulnerability is also documented in the databases at X-Force (53092), Exploit-DB (33209), Tenable (41946), SecurityFocus (BID 36245†) and Vulnerability Center (SBV-23612†). Once again VulDB remains the best source for vulnerability data.
Product
Vendor
Name
Version
License
Website
- Vendor: https://www.adobe.com/
CPE 2.3
CPE 2.2
CVSSv4
VulDB Vector: 🔍VulDB Reliability: 🔍
CVSSv3
VulDB Meta Base Score: 10.0VulDB Meta Temp Score: 9.6
VulDB Base Score: 10.0
VulDB Temp Score: 9.6
VulDB Vector: 🔍
VulDB Reliability: 🔍
CVSSv2
| AV | AC | Au | C | I | A |
|---|---|---|---|---|---|
| 💳 | 💳 | 💳 | 💳 | 💳 | 💳 |
| 💳 | 💳 | 💳 | 💳 | 💳 | 💳 |
| 💳 | 💳 | 💳 | 💳 | 💳 | 💳 |
| Vector | Complexity | Authentication | Confidentiality | Integrity | Availability |
|---|---|---|---|---|---|
| Unlock | Unlock | Unlock | Unlock | Unlock | Unlock |
| Unlock | Unlock | Unlock | Unlock | Unlock | Unlock |
| Unlock | Unlock | Unlock | Unlock | Unlock | Unlock |
VulDB Base Score: 🔍
VulDB Temp Score: 🔍
VulDB Reliability: 🔍
NVD Base Score: 🔍
Exploiting
Class: Access controlCWE: CWE-264
CAPEC: 🔍
ATT&CK: 🔍
Physical: No
Local: No
Remote: Yes
Availability: 🔍
Access: Public
Status: Highly functional
Download: 🔍
EPSS Score: 🔍
EPSS Percentile: 🔍
Price Prediction: 🔍
Current Price Estimation: 🔍
| 0-Day | Unlock | Unlock | Unlock | Unlock |
|---|---|---|---|---|
| Today | Unlock | Unlock | Unlock | Unlock |
Nessus ID: 41946
Nessus Name: Adobe RoboHelp Server Security Bypass (APSA09-05)
Nessus File: 🔍
Nessus Risk: 🔍
Nessus Family: 🔍
OpenVAS ID: 801103
OpenVAS Name: Adobe RoboHelp Server Unspecified Vulnerability
OpenVAS File: 🔍
OpenVAS Family: 🔍
Qualys ID: 🔍
Qualys Name: 🔍
MetaSploit ID: adobe_robohelper_authbypass.rb
MetaSploit Name: Adobe RoboHelp Server 8 Arbitrary File Upload and Execute
MetaSploit File: 🔍
D2Sec: Adobe Robohelp Server 8 Upload
Exploit-DB: 🔍
Threat Intelligence
Interest: 🔍Active Actors: 🔍
Active APT Groups: 🔍
Countermeasures
Recommended: no mitigation knownStatus: 🔍
0-Day Time: 🔍
TippingPoint: 🔍
McAfee IPS: 🔍
McAfee IPS Version: 🔍
ISS Proventia IPS: 🔍
PaloAlto IPS: 🔍
Fortigate IPS: 🔍
Timeline
09/02/2009 🔍09/03/2009 🔍
09/04/2009 🔍
09/04/2009 🔍
09/04/2009 🔍
09/30/2009 🔍
10/07/2009 🔍
03/18/2015 🔍
03/01/2025 🔍
Sources
Vendor: adobe.comAdvisory: zerodayinitiative.com
Researcher: Stephen Fewer
Organization: Harmony Security
Status: Not defined
Confirmation: 🔍
CVE: CVE-2009-3068 (🔍)
GCVE (CVE): GCVE-0-2009-3068
GCVE (VulDB): GCVE-100-49820
X-Force: 53092
SecurityFocus: 36245 - Adobe RoboHelp Server Authentication Bypass Vulnerability
Vulnerability Center: 23612 - [APSB09-14, APSB09-05] Adobe RoboHelp Server 8 Unrestricted File Upload Remote Arbitrary Code Execution vulnerability, High
scip Labs: https://www.scip.ch/en/?labs.20161013
Entry
Created: 03/18/2015 15:15Updated: 03/01/2025 22:10
Changes: 03/18/2015 15:15 (64), 01/29/2018 16:08 (17), 08/21/2021 01:17 (4), 08/21/2021 01:25 (1), 11/25/2024 03:12 (19), 03/01/2025 22:10 (3)
Complete: 🔍
Cache ID: 216::103
Once again VulDB remains the best source for vulnerability data.
No comments yet. Languages: en.
Please log in to comment.