Lucene search

[email protected]CVE-2017-17968

HistoryDec 29, 2017 - 3:29 p.m.

CVE-2017-17968

2017-12-2915:29:00

CWE-119

[email protected]

web.nvd.nist.gov

cve-2017-17968

buffer overflow

nettransport

download manager

remote code execution

vulnerability

nvd

10 High

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:L/Au:N/C:C/I:C/A:C

9.8 High

CVSS3

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

9.8 High

AI Score

Confidence

High

0.014 Low

EPSS

Percentile

86.5%

JSON

A buffer overflow vulnerability in NetTransport.exe in NetTransport Download Manager 2.96L and earlier could allow remote HTTP servers to execute arbitrary code on NAS devices via a long HTTP response.

Affected configurations

NVD

Node

xi-softnettransport_download_managerRange≤2.96l

CPENameOperatorVersion
xi-soft:nettransport_download_managerxi-soft nettransport download managerle2.96l

CPE	Name	Operator	Version
xi-soft:nettransport_download_manager	xi-soft nettransport download manager	le	2.96l

References

www.exploit-db.com/exploits/43408/

10 High

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:L/Au:N/C:C/I:C/A:C

9.8 High

CVSS3

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

9.8 High

AI Score

Confidence

High

0.014 Low

EPSS

Percentile

86.5%

JSON

Related for CVE-2017-17968

zdt1 exploitpack1 nvd1 packetstorm1 prion1 cvelist1 exploitdb1