Search for vulnerabilities
Vulnerability details: VCID-7f2z-4x67-hqfw
Vulnerability ID VCID-7f2z-4x67-hqfw
Aliases CVE-2009-3095
Summary A flaw was found in the mod_proxy_ftp module. In a reverse proxy configuration, a remote attacker could use this flaw to bypass intended access restrictions by creating a carefully-crafted HTTP Authorization header, allowing the attacker to send arbitrary commands to the FTP server.
Status Published
Exploitability 0.5
Weighted Severity 2.1
Risk 1.1
Affected and Fixed Packages Package Details
Weaknesses (0)
There are no known CWE.
System Score Found at
epss 0.06974 https://api.first.org/data/v1/epss?cve=CVE-2009-3095
epss 0.06974 https://api.first.org/data/v1/epss?cve=CVE-2009-3095
epss 0.06974 https://api.first.org/data/v1/epss?cve=CVE-2009-3095
epss 0.06974 https://api.first.org/data/v1/epss?cve=CVE-2009-3095
epss 0.06974 https://api.first.org/data/v1/epss?cve=CVE-2009-3095
epss 0.06974 https://api.first.org/data/v1/epss?cve=CVE-2009-3095
epss 0.06974 https://api.first.org/data/v1/epss?cve=CVE-2009-3095
epss 0.06974 https://api.first.org/data/v1/epss?cve=CVE-2009-3095
epss 0.06974 https://api.first.org/data/v1/epss?cve=CVE-2009-3095
epss 0.06974 https://api.first.org/data/v1/epss?cve=CVE-2009-3095
epss 0.06974 https://api.first.org/data/v1/epss?cve=CVE-2009-3095
epss 0.06974 https://api.first.org/data/v1/epss?cve=CVE-2009-3095
epss 0.06974 https://api.first.org/data/v1/epss?cve=CVE-2009-3095
epss 0.06974 https://api.first.org/data/v1/epss?cve=CVE-2009-3095
epss 0.06974 https://api.first.org/data/v1/epss?cve=CVE-2009-3095
epss 0.06974 https://api.first.org/data/v1/epss?cve=CVE-2009-3095
epss 0.06974 https://api.first.org/data/v1/epss?cve=CVE-2009-3095
epss 0.06974 https://api.first.org/data/v1/epss?cve=CVE-2009-3095
epss 0.06974 https://api.first.org/data/v1/epss?cve=CVE-2009-3095
epss 0.06974 https://api.first.org/data/v1/epss?cve=CVE-2009-3095
epss 0.06974 https://api.first.org/data/v1/epss?cve=CVE-2009-3095
epss 0.06974 https://api.first.org/data/v1/epss?cve=CVE-2009-3095
epss 0.06974 https://api.first.org/data/v1/epss?cve=CVE-2009-3095
epss 0.06974 https://api.first.org/data/v1/epss?cve=CVE-2009-3095
apache_httpd low https://httpd.apache.org/security/json/CVE-2009-3095.json
Reference id Reference type URL
https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2009-3095.json
https://api.first.org/data/v1/epss?cve=CVE-2009-3095
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-3095
522209 https://bugzilla.redhat.com/show_bug.cgi?id=522209
545951 https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=545951
CVE-2009-3095 https://httpd.apache.org/security/json/CVE-2009-3095.json
USN-860-1 https://usn.ubuntu.com/860-1/
No exploits are available.
Exploit Prediction Scoring System (EPSS)
Percentile 0.91043
EPSS Score 0.06974
Published At July 30, 2025, 12:55 p.m.
Date Actor Action Source VulnerableCode Version
2025-07-31T08:28:50.705161+00:00 Apache HTTPD Importer Import https://httpd.apache.org/security/json/CVE-2009-3095.json 37.0.0