Vulnerability Details : CVE-2017-16666
Public exploit exists!
Xplico before 1.2.1 allows remote authenticated users to execute arbitrary commands via shell metacharacters in the name of an uploaded PCAP file. NOTE: this issue can be exploited without authentication by leveraging the user registration feature.
Exploit prediction scoring system (EPSS) score for CVE-2017-16666
Probability of exploitation activity in the next 30 days: 43.68%
Percentile, the proportion of vulnerabilities that are scored at or less: ~ 97 % EPSS Score History EPSS FAQ
Metasploit modules for CVE-2017-16666
-
Xplico Remote Code Execution
Disclosure Date: 2017-10-29First seen: 2020-04-26exploit/linux/http/xplico_execThis module exploits command injection vulnerability. Unauthenticated users can register a new account and then execute a terminal command under the context of the root user. The specific flaw exists within the Xplico, which listens on TCP port 9876 by default. The goal of
CVSS scores for CVE-2017-16666
Base Score | Base Severity | CVSS Vector | Exploitability Score | Impact Score | Score Source |
---|---|---|---|---|---|
9.0
|
HIGH | AV:N/AC:L/Au:S/C:C/I:C/A:C |
8.0
|
10.0
|
NIST |
8.8
|
HIGH | CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H |
2.8
|
5.9
|
NIST |
CWE ids for CVE-2017-16666
-
The product constructs all or part of an OS command using externally-influenced input from an upstream component, but it does not neutralize or incorrectly neutralizes special elements that could modify the intended OS command when it is sent to a downstream component.Assigned by: nvd@nist.gov (Primary)
References for CVE-2017-16666
-
http://www.rapid7.com/db/modules/exploit/linux/http/xplico_exec
Xplico Remote Code Execution | Rapid7Exploit;Third Party Advisory
-
https://www.xplico.org/archives/1538
Xplico – Xpico 1.2.1: Xplico vulnerabilityVendor Advisory
-
https://pentest.blog/advisory-xplico-unauthenticated-remote-code-execution-cve-2017-16666/
Advisory | Xplico Unauthenticated Remote Code Execution CVE-2017-16666 – Pentest BlogExploit;Third Party Advisory
-
http://blog.securityonion.net/2017/11/security-advisory-for-xplico-120.html
Security Onion: Security Advisory for Xplico 1.2.0Third Party Advisory
-
https://www.exploit-db.com/exploits/43430/
Xplico - Remote Code Execution (Metasploit)Exploit;Third Party Advisory;VDB Entry
-
http://packetstormsecurity.com/files/145639/Xplico-Remote-Code-Execution.html
Xplico Remote Code Execution ≈ Packet StormExploit;Third Party Advisory;VDB Entry
Products affected by CVE-2017-16666
- cpe:2.3:a:xplico:xplico:*:*:*:*:*:*:*:*