ZEN Load Balancer Command Injection Vulnerability Allowing Remote Code Execution

Vulnerability

A command injection vulnerability has been identified in ZEN Load Balancer versions 2.0 and 3.0-rc1. The issue resides in the 'content2-2.cgi' file, where the 'filelog' parameter is passed directly into an exec() call without proper sanitization. This vulnerability allows authenticated attackers to inject arbitrary shell commands, which are executed with root privileges, leading to remote code execution. ZEN Load Balancer is no longer supported and has been succeeded by SKUDONET CE.

Impact

Exploitation of this vulnerability allows authenticated users to execute arbitrary commands as the root user on the affected system.

Reproduction

The vulnerability can be reproduced by sending a GET request to 'index.cgi' with the 'filelog' parameter containing the injected command, such as a reverse shell payload. This request must include authorization headers for an authenticated user.

Added: Aug 11, 2025, 3:27 PM
Updated: Aug 11, 2025, 3:27 PM

Vulnerability Rating

Custom Algorithm
spread: 0.0
impact: 7.5
exploitability: 6.6
remediation: 0.0
relevance: 0.3
threat: 7.4
urgency: 2.9
incentive: 1.7

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.