CVEDB API

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2017-7178

CSRF was discovered in the web UI in Deluge before 1.3.14. The exploitation methodology involves (1) hosting a crafted plugin that executes an arbitrary program from its __init__.py file and (2) causing the victim to download, install, and enable this plugin.

Exploit prediction scoring system (EPSS) score

EPSS Score 0.012

EPSS Ranking 78.2%

CVSS Severity

CVSS v3 Score 8.8

CVSS v2 Score 6.8

References

Products affected by CVE-2017-7178

Deluge-Torrent » Deluge » Version: 1.1.0

cpe:2.3:a:deluge-torrent:deluge:1.1.0
Deluge-Torrent » Deluge » Version: 1.2.0

cpe:2.3:a:deluge-torrent:deluge:1.2.0
Deluge-Torrent » Deluge » Version: 1.3.0

cpe:2.3:a:deluge-torrent:deluge:1.3.0
Deluge-Torrent » Deluge » Version: 1.3.1

cpe:2.3:a:deluge-torrent:deluge:1.3.1
Deluge-Torrent » Deluge » Version: 1.3.10

cpe:2.3:a:deluge-torrent:deluge:1.3.10
Deluge-Torrent » Deluge » Version: 1.3.11

cpe:2.3:a:deluge-torrent:deluge:1.3.11
Deluge-Torrent » Deluge » Version: 1.3.12

cpe:2.3:a:deluge-torrent:deluge:1.3.12
Deluge-Torrent » Deluge » Version: 1.3.13

cpe:2.3:a:deluge-torrent:deluge:1.3.13
Deluge-Torrent » Deluge » Version: 1.3.2

cpe:2.3:a:deluge-torrent:deluge:1.3.2
Deluge-Torrent » Deluge » Version: 1.3.3

cpe:2.3:a:deluge-torrent:deluge:1.3.3
Deluge-Torrent » Deluge » Version: 1.3.4

cpe:2.3:a:deluge-torrent:deluge:1.3.4
Deluge-Torrent » Deluge » Version: 1.3.5

cpe:2.3:a:deluge-torrent:deluge:1.3.5
Deluge-Torrent » Deluge » Version: 1.3.6

cpe:2.3:a:deluge-torrent:deluge:1.3.6
Deluge-Torrent » Deluge » Version: 1.3.7

cpe:2.3:a:deluge-torrent:deluge:1.3.7
Deluge-Torrent » Deluge » Version: 1.3.8

cpe:2.3:a:deluge-torrent:deluge:1.3.8
Deluge-Torrent » Deluge » Version: 1.3.9

cpe:2.3:a:deluge-torrent:deluge:1.3.9
Debian » Debian Linux » Version: 8.0

cpe:2.3:o:debian:debian_linux:8.0

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2017-7178

Products

Pricing

Contact Us