CVEDB API

Vulnerabilities

By Date
Known Exploited
Advanced Search

Vulnerable Software

Vendors
Products

Vulnerability Details CVE-2017-9606

Infotecs ViPNet Client and Coordinator before 4.3.2-42442 allow local users to gain privileges by placing a Trojan horse ViPNet update file in the update folder. The attack succeeds because of incorrect folder permissions in conjunction with a lack of integrity and authenticity checks.

Exploit prediction scoring system (EPSS) score

EPSS Score 0.0

EPSS Ranking 4.4%

CVSS Severity

CVSS v3 Score 7.3

CVSS v2 Score 4.4

References

https://github.com/Houl777/CVE-2017-9606
https://github.com/Houl777/CVE-2017-9606

Products affected by CVE-2017-9606

Infotecs » Vipnet Client » Version: 3.2.10

cpe:2.3:a:infotecs:vipnet_client:3.2.10
Infotecs » Vipnet Client » Version: 4.3.1

cpe:2.3:a:infotecs:vipnet_client:4.3.1
Infotecs » Vipnet Coordinator » Version: 3.2.10

cpe:2.3:a:infotecs:vipnet_coordinator:3.2.10
Infotecs » Vipnet Coordinator » Version: 4.3.1

cpe:2.3:a:infotecs:vipnet_coordinator:4.3.1

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2017-9606

Products

Pricing

Contact Us