CVE-2018-13417
Vulnerable component: Vuze Bittorrent Client 5.7.6.0. Root cause: XML External Entity Processing (XXE) in the SDL/UPnP/SSDP XML parsing engine. Impact: unauthenticated remote attackers can read arbitrary files on the host and may trigger SMB-based NetNTLM credential exposure (crack to cleartext) ...