CVE-2014-6271

CVE Database · CVE-2014-6271

CVE-2014-6271

· CRITICALAnalyzed

CVSS v3.1

9.8

EPSS

100.00%

Published

Sep 24, 2014

Modified

Apr 22, 2026

CISA Known Exploited Vulnerability

Added: 2022-01-28 · Due: 2022-07-28

Apply updates per vendor instructions.

Public PoC / Exploit (31)

All weaponized →

Exploit-DBAdvantech Switch - 'Shellshock' Bash Environment Variable Command Injection (Metasploit)Exploit-DBGNU Bash - Environment Variable Command Injection (Metasploit)Exploit-DBIPFire - 'Shellshock' Bash Environment Variable Command Injection (Metasploit)Exploit-DBBash CGI - 'Shellshock' Remote Command Injection (Metasploit)Exploit-DBIPFire - CGI Web Interface (Authenticated) Bash Environment Variable Code Injection Exploit-DBQNAP - Admin Shell via Bash Environment Variable Code Injection (Metasploit)Exploit-DBQNAP - Web Server Remote Code Execution via Bash Environment Variable Code Injection (Metasploit)Exploit-DBTrendMicro InterScan Web Security Virtual Appliance - 'Shellshock' Remote Command Injection Exploit-DBRedStar 3.0 Server - 'Shellshock' 'BEAM' / 'RSSMON' Command Injection Exploit-DBApache mod_cgi - 'Shellshock' Remote Command Injection Exploit-DBBash - 'Shellshock' Environment Variables Command Injection Exploit-DBCUPS Filter - Bash Environment Variable Code Injection (Metasploit)Exploit-DBGNU Bash - 'Shellshock' Environment Variable Command Injection Exploit-DBGNU bash 4.3.11 - Environment Variable dhclient Exploit-DBOpenVPN 2.2.29 - 'Shellshock' Remote Command Injection Exploit-DBPostfix SMTP 4.2.x < 4.2.48 - 'Shellshock' Remote Command Injection Exploit-DBPure-FTPd - External Authentication Bash Environment Variable Code Injection (Metasploit)Exploit-DBQmail SMTP - Bash Environment Variable Injection (Metasploit)Exploit-DBCisco Unified Communications Manager - Multiple Vulnerabilities Exploit-DBKemp Load Master 7.1.16 - Multiple Vulnerabilities Exploit-DBPHP < 5.6.2 - 'Shellshock' Safe Mode / disable_functions Bypass / Command Injection NucleiNuclei detection template TrickestTrickest PoC index GitHub PoCopsxcq/exploit-CVE-2014-6271★232 GitHub PoCscottjpack/shellshock_scanner★46 GitHub PoChmlio/vaas-cve-2014-6271★22 GitHub PoCb4keSn4ke/CVE-2014-6271★15 GitHub PoCcj1324/CGIShell★13 GitHub PoCfrancisck/shellshock-cgi★12 GitHub PoCindiandragon/Shellshock-Vulnerability-Scan★11 GitHub PoCnpm/ansible-bashpocalypse★6

Links to public security research (Exploit-DB, Nuclei, Trickest, GitHub) for defensive use only.

Description

GNU Bash through 4.3 processes trailing strings after function definitions in the values of environment variables, which allows remote attackers to execute arbitrary code via a crafted environment, as demonstrated by vectors involving the ForceCommand feature in OpenSSH sshd, the mod_cgi and mod_cgid modules in the Apache HTTP Server, scripts executed by unspecified DHCP clients, and other situations in which setting the environment occurs across a privilege boundary from Bash execution, aka "ShellShock." NOTE: the original fix for this issue was incorrect; CVE-2014-7169 has been assigned to cover the vulnerability that is still present after the incorrect fix.

CVSS Vector

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

Weaknesses (CWE)

CWE-78CWE-78

Affected Products (345)

gnu · bashvulnerable

arista · eos (up to 4.9.12)vulnerable

arista · eos (up to 4.10.9)vulnerable

arista · eos (up to 4.11.11)vulnerable

arista · eos (up to 4.12.9)vulnerable

arista · eos (up to 4.13.9)vulnerable

arista · eos (up to 4.14.4f)vulnerable