CVE-2017-17058

CVSS 7.5 HIGHEPSS 23.7%CWE-22

Vexday Risk Score

46Attention

SSVC decision (CISA)

Attend

PoC available → attend closely

CVSS 7.5EPSS 23.7%KEV nãoPoC públicaNuclei —Metasploit —Patch —

Lifecycle

28 Nov 2017Public PoC

29 Nov 2017Published on NVD

Recommendation: Plan a near-term fix — a public PoC already exists.

The WooCommerce plugin through 3.x for WordPress has a Directory Traversal Vulnerability via a /wp-content/plugins/woocommerce/templates/emails/plain/ URI, which accesses a parent directory. NOTE: a software maintainer indicates that Directory Traversal is not possible because all of the template files have "if (!defined('ABSPATH')) {exit;}" code

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N

Affected products

n/a · n/a

public PoCs found — 4

githubgithub.com/fu2x2000/CVE-2017-17058-woo_exploit★ 0 cve_referencewww.exploit-db.com/exploits/43196/unverified cve_referencewww.exploit-db.com/ghdb/4613/unverified exploitdbwww.exploit-db.com/exploits/43196unverified

⚠ Public resources, to assess the exposure of systems you control or are authorized to test. Test only with authorization.

Want to know if your infrastructure is exposed to this?

Talk to TrueHacking →

References

https://github.com/woocommerce/woocommerce/issues/17964 https://www.exploit-db.com/exploits/43196/https://www.exploit-db.com/ghdb/4613/