Executive Summary

RiSearch 1.0.01 and RiSearch Pro 3.2.06 allows remote attackers to use the show.pl script as an open proxy, or read arbitrary local files, by setting the url parameter to a (1) http://, (2) ftp://, or (3) file:// URL.

Why It Matters

CVE-2004-2061 is rated CRITICAL severity, requiring immediate attention from security teams.

CVSS Base Score: 9.8/10

Affected Technologies

Vendors: risearch

Products: risearch, risearch_pro

🛡️What Defenders Should Check

Check if you are affected — Review your asset inventory for products listed in CVE-2004-2061.

Apply available patches — Visit vendor advisories for the latest security updates.

Monitor for exploitation — Check your SIEM/IDS logs for related indicators.

Use Vulnios to continuously monitor your exposure to CVE-2004-2061 and similar vulnerabilities.

References & Sources

http://marc.info/?l=bugtraq&m=109095196526490&w=2

http://secunia.com/advisories/12173

http://securitytracker.com/id?1010788

http://www.osvdb.org/8265

http://www.osvdb.org/8266

http://www.securityfocus.com/bid/10812

https://exchange.xforce.ibmcloud.com/vulnerabilities/16817

http://marc.info/?l=bugtraq&m=109095196526490&w=2

http://secunia.com/advisories/12173

http://securitytracker.com/id?1010788

AI Security Advisor

Get AI-powered security recommendations tailored to this specific threat — including risk assessment, detection guidance, MITRE ATT&CK mapping, and actionable remediation steps.

Affected Products

risearchrisearch_pro

Sources

NVD / NIST

critical

Protect Your Organization

Monitor CVEs, scan for vulnerabilities, and get real-time threat alerts — all in one platform.

Get Started Free Free Security Scan OSINT Dashboard

Get instant alerts on Telegram

Join our public channel for real-time critical CVE alerts.

Follow @vulnios

Critical Vulnerability: CVE-2004-2061 — risearch — risearch, risearch_pro