CVEDB API

Vulnerabilities

By Date
Known Exploited
Advanced Search

Vulnerable Software

Vendors
Products

Vulnerability Details CVE-2017-14537

trixbox 2.8.0.4 has path traversal via the xajaxargs array parameter to /maint/index.php?packages or the lang parameter to /maint/modules/home/index.php.

Exploit prediction scoring system (EPSS) score

EPSS Score 0.909

EPSS Ranking 99.6%

CVSS Severity

CVSS v3 Score 6.5

CVSS v2 Score 4.0

References

http://packetstormsecurity.com/files/162853/Trixbox-2.8.0.4-Path-Traversal.html
http://www.securityfocus.com/bid/103007
https://github.com/Hacker5preme/Exploits/tree/main/CVE-2017-14537-Exploit
https://secur1tyadvisory.wordpress.com/2018/02/13/trixbox-multiple-path-traversal-vulnerabilities-cve-2017-14537/
http://packetstormsecurity.com/files/162853/Trixbox-2.8.0.4-Path-Traversal.html
http://www.securityfocus.com/bid/103007
https://github.com/Hacker5preme/Exploits/tree/main/CVE-2017-14537-Exploit
https://secur1tyadvisory.wordpress.com/2018/02/13/trixbox-multiple-path-traversal-vulnerabilities-cve-2017-14537/

Products affected by CVE-2017-14537

Netfortris » Trixbox » Version: 2.8.0.4

cpe:2.3:a:netfortris:trixbox:2.8.0.4

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2017-14537

Products

Pricing

Contact Us