Vulnerability Details : CVE-2017-7442
Public exploit exists!
Nitro Pro 11.0.3.173 allows remote attackers to execute arbitrary code via saveAs and launchURL calls with directory traversal sequences.
Vulnerability category: Directory traversalExecute code
Products affected by CVE-2017-7442
- cpe:2.3:a:gonitro:nitro_pro:11.0.3.173:*:*:*:*:*:*:*
Exploit prediction scoring system (EPSS) score for CVE-2017-7442
96.24%
Probability of exploitation activity in the next 30 days
EPSS Score History
~ 100 %
Percentile, the proportion of vulnerabilities that are scored at or less
Metasploit modules for CVE-2017-7442
-
Nitro Pro PDF Reader 11.0.3.173 Javascript API Remote Code Execution
Disclosure Date: 2017-07-24First seen: 2020-04-26exploit/windows/fileformat/nitro_reader_jsapiThis module exploits an unsafe Javascript API implemented in Nitro and Nitro Pro PDF Reader version 11. The saveAs() Javascript API function allows for writing arbitrary files to the file system. Additionally, the launchURL() function allows an attacker to ex
CVSS scores for CVE-2017-7442
Base Score | Base Severity | CVSS Vector | Exploitability Score | Impact Score | Score Source | First Seen |
---|---|---|---|---|---|---|
6.8
|
MEDIUM | AV:N/AC:M/Au:N/C:P/I:P/A:P |
8.6
|
6.4
|
NIST | |
8.8
|
HIGH | CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H |
2.8
|
5.9
|
NIST |
CWE ids for CVE-2017-7442
-
The product uses external input to construct a pathname that is intended to identify a file or directory that is located underneath a restricted parent directory, but the product does not properly neutralize special elements within the pathname that can cause the pathname to resolve to a location that is outside of the restricted directory.Assigned by: nvd@nist.gov (Primary)
References for CVE-2017-7442
-
https://www.exploit-db.com/exploits/42418/
Nitro Pro PDF Reader 11.0.3.173 - Javascript API Code Execution (Metasploit)Third Party Advisory;VDB Entry
-
http://srcincite.io/advisories/src-2017-0005/
Source InciteExploit;Third Party Advisory
Jump to