Search for vulnerabilities
| Vulnerability ID | VCID-bvwx-zvrz-n7fd |
| Aliases |
CVE-2009-2936
|
| Summary | The Command Line Interface (aka Server CLI or administration interface) in the master process in the reverse proxy server in Varnish before 2.1.0 does not require authentication for commands received through a TCP port, which allows remote attackers to (1) execute arbitrary code via a vcl.inline directive that provides a VCL configuration file containing inline C code; (2) change the ownership of the master process via param.set, stop, and start directives; (3) read the initial line of an arbitrary file via a vcl.load directive; or (4) conduct cross-site request forgery (CSRF) attacks that leverage a victim's location on a trusted network and improper input validation of directives. NOTE: the vendor disputes this report, saying that it is "fundamentally misguided and pointless. |
| Status | Published |
| Exploitability | 2.0 |
| Weighted Severity | 0.6 |
| Risk | 1.2 |
| Affected and Fixed Packages | Package Details |
| There are no known CWE. |
| System | Score | Found at |
|---|---|---|
| epss | 0.6839 | https://api.first.org/data/v1/epss?cve=CVE-2009-2936 |
| epss | 0.6839 | https://api.first.org/data/v1/epss?cve=CVE-2009-2936 |
| epss | 0.6839 | https://api.first.org/data/v1/epss?cve=CVE-2009-2936 |
| epss | 0.6839 | https://api.first.org/data/v1/epss?cve=CVE-2009-2936 |
| epss | 0.6839 | https://api.first.org/data/v1/epss?cve=CVE-2009-2936 |
| epss | 0.6839 | https://api.first.org/data/v1/epss?cve=CVE-2009-2936 |
| epss | 0.6839 | https://api.first.org/data/v1/epss?cve=CVE-2009-2936 |
| epss | 0.6839 | https://api.first.org/data/v1/epss?cve=CVE-2009-2936 |
| epss | 0.6839 | https://api.first.org/data/v1/epss?cve=CVE-2009-2936 |
| epss | 0.6839 | https://api.first.org/data/v1/epss?cve=CVE-2009-2936 |
| Reference id | Reference type | URL |
|---|---|---|
| https://api.first.org/data/v1/epss?cve=CVE-2009-2936 | ||
| https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-2936 | ||
| CVE-2009-2936;OSVDB-67670 | Exploit | https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/linux/remote/35581.rb |
| Data source | Exploit-DB |
|---|---|
| Date added | Dec. 19, 2014 |
| Description | Varnish Cache CLI Interface - Remote Code Execution (Metasploit) |
| Ransomware campaign use | Unknown |
| Source publication date | Dec. 19, 2014 |
| Exploit type | remote |
| Platform | linux |
| Source update date | Dec. 19, 2014 |
| Data source | Metasploit |
|---|---|
| Description | This module attempts to login to the Varnish Cache (varnishd) CLI instance using a bruteforce list of passwords. |
| Note | {}
|
| Ransomware campaign use | Unknown |
| Source URL | https://github.com/rapid7/metasploit-framework/tree/master/modules/auxiliary/scanner/varnish/varnish_cli_login.rb |
| Percentile | 0.98495 |
| EPSS Score | 0.6839 |
| Published At | June 30, 2025, 12:55 p.m. |
| Date | Actor | Action | Source | VulnerableCode Version |
|---|---|---|---|---|
| 2025-07-01T13:55:32.547800+00:00 | Debian Importer | Import | https://security-tracker.debian.org/tracker/data/json | 36.1.3 |