Unrated severityNVD Advisory· Published Mar 3, 2009· Updated Apr 23, 2026

CVE-2009-0759

Description

Multiple CRLF injection vulnerabilities in webadmin in ZNC before 0.066 allow remote authenticated users to modify the znc.conf configuration file and gain privileges via CRLF sequences in the quit message and other vectors.

Affected products

Znc/Znc3 versions
cpe:2.3:a:znc:znc:*:*:*:*:*:*:*:*+ 2 more
- cpe:2.3:a:znc:znc:*:*:*:*:*:*:*:*range: <=0.062
- cpe:2.3:a:znc:znc:0.056:*:*:*:*:*:*:*
- cpe:2.3:a:znc:znc:0.058:*:*:*:*:*:*:*

Patches

No patches discovered yet.

Vulnerability mechanics

AI mechanics synthesis has not run for this CVE yet.

References

znc.svn.sourceforge.net/viewvc/znc/trunk/modules/webadmin.cppnvdVendor Advisory
znc.svn.sourceforge.net/viewvc/zncnvdVendor Advisory
znc.svn.sourceforge.net/viewvc/zncnvdVendor Advisory
osvdb.org/52295nvd
secunia.com/advisories/34230nvd
www.debian.org/security/2009/dsa-1735nvd
www.openwall.com/lists/oss-security/2009/03/01/2nvd

News mentions

No linked articles in our index yet.

cvss	0.000
epss	0.001
exploit	0.000
kev	0.000
patch	0.000
ransomware	0.000