← back
CVE-2014-7205

CVE-2014-7205

EPSS 78.6%
Vexday Risk Score
60Attention
SSVC decision (CISA)
Attend
PoC available → attend closely
Exploit maturity
Functional exploit
Popular PoC on GitHub (3 stars) — exploitation code widely available.
CVSS EPSS 78.6%KEV nãoPoC públicaNuclei Metasploit simPatch
Lifecycle
08 Oct 2014Published on NVD
01 Nov 2016Metasploit module available
02 Nov 2016Public PoC
Weaponization speed
755 daysto first PoC
754 daysto Metasploit module
Recommendation: Plan a near-term fix — a public PoC already exists.
Eval injection vulnerability in the internals.batch function in lib/batch.js in the bassmaster plugin before 1.5.2 for the hapi server framework for Node.js allows remote attackers to execute arbitrary Javascript code via unspecified vectors.
Affected products
n/a · n/a
⚠ Public resources, to assess the exposure of systems you control or are authorized to test. Test only with authorization.