VYPR
Unrated severityNVD Advisory· Published Nov 29, 2009· Updated Jun 16, 2026

CVE-2009-4025

CVE-2009-4025

Description

Argument injection vulnerability in the traceroute function in Traceroute.php in the Net_Traceroute package before 0.21.2 for PEAR allows remote attackers to execute arbitrary shell commands via the host parameter. NOTE: some of these details are obtained from third party information.

AI Insight

LLM-synthesized narrative grounded in this CVE's description and references.

Affected products

5
  • Pear/Pear4 versions
    cpe:2.3:a:pear:pear:*:*:*:*:*:*:*:*+ 3 more
    • cpe:2.3:a:pear:pear:*:*:*:*:*:*:*:*range: <=0.21.1
    • cpe:2.3:a:pear:pear:0.11:*:*:*:*:*:*:*
    • cpe:2.3:a:pear:pear:0.20:*:*:*:*:*:*:*
    • cpe:2.3:a:pear:pear:0.21:*:*:*:*:*:*:*
  • Range: <0.21.2

Patches

Vulnerability mechanics

References

14

News mentions

0

No linked articles in our index yet.