Samba since version 3.5.0 and before 4.6.4, 4.5.10 and 4.4.14 is vulnerable to remote code execution vulnerability, allowing a malicious client to upload a shared library to a writable share, and then cause the server to load and execute it.
Published 2017-05-30 18:29:00
Updated 2022-08-16 13:02:09
Source Red Hat, Inc.
View at NVD,   CVE.org
Vulnerability category: Execute code

Threat overview for CVE-2017-7494

Top countries where our scanners detected CVE-2017-7494
Top open port discovered on systems with this issue 445
IPs affected by CVE-2017-7494 154,012
Threat actors abusing to this issue? Yes
Find out if you* are affected by CVE-2017-7494!
*Directly or indirectly through your vendors, service providers and 3rd parties. Powered by attack surface intelligence from SecurityScorecard.

CVE-2017-7494 is in the CISA Known Exploited Vulnerabilities Catalog

This issue is known to have been leveraged as part of a ransomware campaign.
CISA vulnerability name:
Samba Remote Code Execution Vulnerability
CISA required action:
Apply updates per vendor instructions.
CISA description:
Samba contains a remote code execution vulnerability, allowing a malicious client to upload a shared library to a writable share and then cause the server to load and execute it.
Notes:
https://www.samba.org/samba/security/CVE-2017-7494.html
Added on 2023-03-30 Action due date 2023-04-20

Exploit prediction scoring system (EPSS) score for CVE-2017-7494

97.26%
Probability of exploitation activity in the next 30 days EPSS Score History
~ 100 %
Percentile, the proportion of vulnerabilities that are scored at or less

Metasploit modules for CVE-2017-7494

  • Samba is_known_pipename() Arbitrary Module Load
    Disclosure Date: 2017-03-24
    First seen: 2020-04-26
    exploit/linux/samba/is_known_pipename
    This module triggers an arbitrary shared library load vulnerability in Samba versions 3.5.0 to 4.4.14, 4.5.10, and 4.6.4. This module requires valid credentials, a writeable folder in an accessible share, and knowledge of the server-side path of the writeable folde

CVSS scores for CVE-2017-7494

Base Score Base Severity CVSS Vector Exploitability Score Impact Score Score Source First Seen
10.0
HIGH AV:N/AC:L/Au:N/C:C/I:C/A:C
10.0
10.0
NIST
9.8
CRITICAL CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
3.9
5.9
NIST

CWE ids for CVE-2017-7494

  • The product constructs all or part of a code segment using externally-influenced input from an upstream component, but it does not neutralize or incorrectly neutralizes special elements that could modify the syntax or behavior of the intended code segment.
    Assigned by: nvd@nist.gov (Primary)

References for CVE-2017-7494

Products affected by CVE-2017-7494

This web site uses cookies for managing your session, storing preferences, website analytics and additional purposes described in our privacy policy.
By using this web site you are agreeing to CVEdetails.com terms of use!