CVE-2017-9757
CVE-2017-9757
Vexday Risk Score
30Bajo
Decisión SSVC (CISA)
Attend
PoC disponible → seguir de cerca
Madurez del exploit
Exploit funcional
Exploit automatizable disponible (Nuclei/Metasploit).
CVSS —EPSS 38.5%KEV nãoPoC —Nuclei —Metasploit simPatch —
Ciclo de vida
09 jun 2017Exploit Metasploit disponible
19 jun 2017Publicada en NVD
Recomendación: Planificar corrección próxima — ya existe PoC pública.
IPFire 2.19 has a Remote Command Injection vulnerability in ids.cgi via the OINKCODE parameter, which is mishandled by a shell. This can be exploited directly by authenticated users, or through CSRF.
Productos afectados
n/a · n/a