Vulnerability Details CVE-2017-17849
A buffer overflow vulnerability in GetGo Download Manager 5.3.0.2712 and earlier could allow remote HTTP servers to execute arbitrary code on NAS devices via a long response.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.362
EPSS Ranking 96.9%
CVSS Severity
CVSS v3 Score 9.8
CVSS v2 Score 10.0
References
- https://packetstormsecurity.com/files/145530/GetGo-Download-Manager-5.3.0.2712-Buffer-Overflow.html
- https://www.exploit-db.com/exploits/43391/
- https://www.exploit-db.com/exploits/45087/
- https://packetstormsecurity.com/files/145530/GetGo-Download-Manager-5.3.0.2712-Buffer-Overflow.html
- https://www.exploit-db.com/exploits/43391/
- https://www.exploit-db.com/exploits/45087/
Products affected by CVE-2017-17849
-
cpe:2.3:a:getgosoft:getgo_download_manager:2.50
-
cpe:2.3:a:getgosoft:getgo_download_manager:2.51
-
cpe:2.3:a:getgosoft:getgo_download_manager:2.52
-
cpe:2.3:a:getgosoft:getgo_download_manager:2.53
-
cpe:2.3:a:getgosoft:getgo_download_manager:2.54
-
cpe:2.3:a:getgosoft:getgo_download_manager:2.55
-
cpe:2.3:a:getgosoft:getgo_download_manager:3.00
-
cpe:2.3:a:getgosoft:getgo_download_manager:3.01
-
cpe:2.3:a:getgosoft:getgo_download_manager:3.50
-
cpe:2.3:a:getgosoft:getgo_download_manager:3.60
-
cpe:2.3:a:getgosoft:getgo_download_manager:3.70
-
cpe:2.3:a:getgosoft:getgo_download_manager:3.71
-
cpe:2.3:a:getgosoft:getgo_download_manager:3.80
-
cpe:2.3:a:getgosoft:getgo_download_manager:4.0
-
cpe:2.3:a:getgosoft:getgo_download_manager:4.0.1.95
-
cpe:2.3:a:getgosoft:getgo_download_manager:4.1.0.179
-
cpe:2.3:a:getgosoft:getgo_download_manager:4.1.1.201
-
cpe:2.3:a:getgosoft:getgo_download_manager:4.2.0.287
-
cpe:2.3:a:getgosoft:getgo_download_manager:4.2.1.309
-
cpe:2.3:a:getgosoft:getgo_download_manager:4.2.2.350
-
cpe:2.3:a:getgosoft:getgo_download_manager:4.3.0.382
-
cpe:2.3:a:getgosoft:getgo_download_manager:4.4.1.435
-
cpe:2.3:a:getgosoft:getgo_download_manager:4.4.5.502
-
cpe:2.3:a:getgosoft:getgo_download_manager:4.5.0.576
-
cpe:2.3:a:getgosoft:getgo_download_manager:4.5.1.655
-
cpe:2.3:a:getgosoft:getgo_download_manager:4.5.2.692
-
cpe:2.3:a:getgosoft:getgo_download_manager:4.5.2.696
-
cpe:2.3:a:getgosoft:getgo_download_manager:4.6.0.739
-
cpe:2.3:a:getgosoft:getgo_download_manager:4.6.1.775
-
cpe:2.3:a:getgosoft:getgo_download_manager:4.7.0.930
-
cpe:2.3:a:getgosoft:getgo_download_manager:4.7.1.975
-
cpe:2.3:a:getgosoft:getgo_download_manager:4.7.2.1004
-
cpe:2.3:a:getgosoft:getgo_download_manager:4.7.3.1085
-
cpe:2.3:a:getgosoft:getgo_download_manager:4.8.0.1123
-
cpe:2.3:a:getgosoft:getgo_download_manager:4.8.1.1171
-
cpe:2.3:a:getgosoft:getgo_download_manager:4.8.2.1233
-
cpe:2.3:a:getgosoft:getgo_download_manager:4.8.2.1346
-
cpe:2.3:a:getgosoft:getgo_download_manager:4.8.2.1450
-
cpe:2.3:a:getgosoft:getgo_download_manager:4.8.3.1545
-
cpe:2.3:a:getgosoft:getgo_download_manager:4.8.4.1665
-
cpe:2.3:a:getgosoft:getgo_download_manager:4.8.5.1687
-
cpe:2.3:a:getgosoft:getgo_download_manager:4.9.0.1982
-
cpe:2.3:a:getgosoft:getgo_download_manager:5.0.0.2145
-
cpe:2.3:a:getgosoft:getgo_download_manager:5.1.0.2224
-
cpe:2.3:a:getgosoft:getgo_download_manager:5.2.0.2429
-
cpe:2.3:a:getgosoft:getgo_download_manager:5.3.0.2712