
CVE-2009-4137


Severity Score: 9.8 (CVSS v3)
Exploit Likelihood: - (EPSS)
Affected Versions: see CPE table below
Public Exploits: 1 (multiple sources)
Exploited in Wild: - (KEV)
Decision: - (SSVC)
Descriptions

The loadContentFromCookie function in core/Cookie.php in Piwik before 0.5 does not validate strings obtained from cookies before calling the unserialize function, which allows remote attackers to execute arbitrary code or upload arbitrary files via vectors related to the __destruct function in the Piwik_Config class; php://filter URIs; the __destruct functions in Zend Framework, as demonstrated by the Zend_Log destructor; the shutdown functions in Zend Framework, as demonstrated by the Zend_Log_Writer_Mail class; the render function in the Piwik_View class; Smarty templates; and the _eval function in Smarty.


*Credits: N/A
CVSS Scores
CVSS v3
Attack Vector: Network
Attack Complexity: Low
Privileges Required: None
User Interaction: None
Scope: Unchanged
Confidentiality: High
Integrity: High
Availability: High
CVSS v2
Attack Vector: Network
Attack Complexity: Low
Authentication: None
Confidentiality: Partial
Integrity: Partial
Availability: Partial
* Common Vulnerability Scoring System
SSVC
  • Decision: -
  • Exploitation: -
  • Automatable: -
  • Tech. Impact: -
* Organization's Worst-case Scenario
Timeline
  • 2009-12-01 CVE Reserved
  • 2009-12-24 CVE Published
  • 2018-01-15 First Exploit
  • 2024-09-16 CVE Updated
  • 2025-01-06 EPSS Updated
  • - Exploited in Wild
  • - KEV Due Date
CWE
  • CWE-20: Improper Input Validation
CAPEC
Affected Vendors, Products, and Versions
Vendor   Product   Version   Other   Status
Matomo   Matomo    0.2.25    -       Affected
Matomo   Matomo    0.2.26    -       Affected
Matomo   Matomo    0.2.27    -       Affected
Matomo   Matomo    0.2.28    -       Affected
Matomo   Matomo    0.2.29    -       Affected
Matomo   Matomo    0.2.30    -       Affected
Matomo   Matomo    0.2.31    -       Affected
Matomo   Matomo    0.2.32    -       Affected