CVE-2009-4644

N/A Unknown

Published: February 19, 2010 Modified: April 29, 2026

Description

Accellion Secure File Transfer Appliance before 8_0_105 allows remote authenticated administrators to bypass the restricted shell and execute arbitrary commands via shell metacharacters to the ping command, as demonstrated by modifying the cli program.

AI Explanation

Get an AI-powered plain-language explanation of this vulnerability and remediation steps.

Login to generate AI explanation

References to Advisories, Solutions, and Tools

Patch Vendor Advisory Exploit Third Party Advisory

http://www.portcullis-security.com/338.php

Source: cve@mitre.org

Exploit

http://www.securityfocus.com/bid/38176

Source: cve@mitre.org

Exploit

https://exchange.xforce.ibmcloud.com/vulnerabilities/56248

Source: cve@mitre.org

http://www.portcullis-security.com/338.php

Source: af854a3a-2127-422b-91ae-364da2661108

Exploit

http://www.securityfocus.com/bid/38176

Source: af854a3a-2127-422b-91ae-364da2661108

Exploit

https://exchange.xforce.ibmcloud.com/vulnerabilities/56248

Source: af854a3a-2127-422b-91ae-364da2661108

6 reference(s) from NVD

Quick Stats

CVSS v3 Score

N/A / 10.0

EPSS (Exploit Probability)

0.4%

63th percentile

Exploitation Status

Not in CISA KEV

Weaknesses (CWE)

CWE-78

Affected Vendors

accellion

Related CVEs

CVE-2026-40137 6.1

CVE-2026-40136 4.3

CVE-2026-40135 6.5

CVE-2026-40134 4.3

CVE-2026-40133 6.3