3 matches found
CVE-2017-16666
Summary (CVE-2017-16666) : Xplico (before 1.2.1) is vulnerable to remote code execution via command injection when a PCAP file is uploaded. The root cause is unsafely processed shell metacharacters in the uploaded file name, with the attack surface enhanced by a hidden user-registration feature t...
CVE-2017-16666
creationtimestamp| type| source ---|---|--- 2018-01-04 00:00:00+00:00| exploited| https://www.exploit-db.com/exploits/43430 2018-05-29 15:50:33+00:00| seen| https://github.com/rapid7/metasploit-framework/blob/master/modules/exploits/linux/http/xplicoexec.rb 2024-06-22 09:27:44+00:00|...
Xplico Unauthenticated Remote Code Execution(CVE-2017-16666)
The goal of Xplico is extract from an internet traffic capture the applications data contained. For example, from a pcap file Xplico extracts each email POP, IMAP, and SMTP protocols, all HTTP contents, each VoIP call SIP, FTP, TFTP, and so on. Xplico isn’t a network protocol analyzer. Xplico is ...