← back
CVE-2017-6416

CVE-2017-6416

EPSS 10.9%
Vexday Risk Score
23Low
SSVC decision (CISA)
Attend
PoC available → attend closely
Exploit maturity
Functional exploit
Automatable exploit available (Nuclei/Metasploit).
CVSS EPSS 10.9%KEV nãoPoC Nuclei Metasploit simPatch
Lifecycle
28 Feb 2017Metasploit module available
06 Mar 2017Published on NVD
Recommendation: Plan a near-term fix — a public PoC already exists.
An issue was discovered in SysGauge 1.5.18. A buffer overflow vulnerability in SMTP connection verification leads to arbitrary code execution. The attack vector is a crafted SMTP daemon that sends a long 220 (aka "Service ready") string.
Affected products
n/a · n/a