QwikSec

Security Database

CVE

CWE

Training

CVE-2009-10005

Published: Aug 20, 2025

Modified: May 15, 2026

PUBLISHED

Description

ContentKeeper Web Appliance (now maintained by Impero Software) versions prior to 125.10 expose the mimencode binary via a CGI endpoint, allowing unauthenticated attackers to retrieve arbitrary files from the filesystem. By crafting a POST request to /cgi-bin/ck/mimencode with traversal and output parameters, attackers can read sensitive files such as /etc/passwd outside the webroot.

Vendor	Product	Versions
ContentKeeper Technologies	Web Appliance	affected `0 - < 125.10`

Weaknesses (CWE)

References

https://raw.githubusercontent.com/rapid7/metasploit-framework/master/modules/auxiliary/admin/http/contentkeeper_fileaccess.rb

exploit

https://www.exploit-db.com/exploits/16923

exploit

http://www.aushack.com/200904-contentkeeper.txt

technical-description

https://web.archive.org/web/20100325220542/http://www.contentkeeper.com/

product

https://www.vulncheck.com/advisories/contentkeeper-web-appliance-arbitrary-file-access-via-mimencode

third-party-advisory

Security Training

Train your team to recognize and prevent security threats with our comprehensive security awareness program.

Vulnerability Scanning

Discover vulnerabilities in your applications and infrastructure before attackers do.

CVE-2009-10005 - Security Vulnerability | QwikSec