CVE-2017-6187
CVE-2017-6187
Vexday Risk Score
50Attention
SSVC decision (CISA)
Attend
PoC available → attend closely
Exploit maturity
Functional exploit
Automatable exploit available (Nuclei/Metasploit).
CVSS —EPSS 33.1%KEV nãoPoC públicaNuclei —Metasploit simPatch —
Lifecycle
01 Dec 2016Metasploit module available
22 Feb 2017Public PoC
22 Feb 2017Published on NVD
Recommendation: Plan a near-term fix — a public PoC already exists.
Buffer overflow in the built-in web server in DiskSavvy Enterprise 9.4.18 allows remote attackers to execute arbitrary code via a long URI in a GET request.
Affected products
n/a · n/apublic PoCs found — 2
cve_referencewww.exploit-db.com/exploits/41436/unverifiedexploitdbwww.exploit-db.com/exploits/41436unverified⚠ Public resources, to assess the exposure of systems you control or are authorized to test. Test only with authorization.