CVE-2017-17562

8.1 HIGH CISA KEV - Actively Exploited
Published: December 12, 2017 Modified: October 22, 2025
View on NVD

Description

Embedthis GoAhead before 3.6.5 allows remote code execution if CGI is enabled and a CGI program is dynamically linked. This is a result of initializing the environment of forked CGI scripts using untrusted HTTP request parameters in the cgiHandler function in cgi.c. When combined with the glibc dynamic linker, this behaviour can be abused for remote code execution using special parameter names such as LD_PRELOAD. An attacker can POST their shared object payload in the body of the request, and reference it using /proc/self/fd/0.

AI Explanation

Get an AI-powered plain-language explanation of this vulnerability and remediation steps.

Login to generate AI explanation

CVSS v3.x Details

0.0 Low Medium High Critical 10.0
Vector String
CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H

References to Advisories, Solutions, and Tools

Patch Vendor Advisory Exploit Third Party Advisory
http://www.oracle.com/technetwork/security-advisory/cpuapr2018-3678067.html
Source: cve@mitre.org
Patch Third Party Advisory
http://www.securitytracker.com/id/1040702
Source: cve@mitre.org
Broken Link Third Party Advisory VDB Entry
https://github.com/elttam/advisories/tree/master/CVE-2017-17562
Source: cve@mitre.org
Broken Link Third Party Advisory
https://github.com/embedthis/goahead/commit/6f786c123196eb622625a920d54048629a7caa74
Source: cve@mitre.org
Broken Link Patch Third Party Advisory
https://github.com/embedthis/goahead/issues/249
Source: cve@mitre.org
Broken Link Issue Tracking Third Party Advisory
https://www.elttam.com.au/blog/goahead/
Source: cve@mitre.org
Broken Link Exploit Patch Third Party Advisory
https://www.exploit-db.com/exploits/43360/
Source: cve@mitre.org
Exploit Third Party Advisory VDB Entry
https://www.exploit-db.com/exploits/43877/
Source: cve@mitre.org
Exploit Third Party Advisory VDB Entry
http://www.oracle.com/technetwork/security-advisory/cpuapr2018-3678067.html
Source: af854a3a-2127-422b-91ae-364da2661108
Patch Third Party Advisory
http://www.securitytracker.com/id/1040702
Source: af854a3a-2127-422b-91ae-364da2661108
Broken Link Third Party Advisory VDB Entry
https://github.com/elttam/advisories/tree/master/CVE-2017-17562
Source: af854a3a-2127-422b-91ae-364da2661108
Broken Link Third Party Advisory
https://github.com/embedthis/goahead/commit/6f786c123196eb622625a920d54048629a7caa74
Source: af854a3a-2127-422b-91ae-364da2661108
Broken Link Patch Third Party Advisory
https://github.com/embedthis/goahead/issues/249
Source: af854a3a-2127-422b-91ae-364da2661108
Broken Link Issue Tracking Third Party Advisory
https://www.elttam.com.au/blog/goahead/
Source: af854a3a-2127-422b-91ae-364da2661108
Broken Link Exploit Patch Third Party Advisory
https://www.exploit-db.com/exploits/43360/
Source: af854a3a-2127-422b-91ae-364da2661108
Exploit Third Party Advisory VDB Entry
https://www.exploit-db.com/exploits/43877/
Source: af854a3a-2127-422b-91ae-364da2661108
Exploit Third Party Advisory VDB Entry
https://www.cisa.gov/known-exploited-vulnerabilities-catalog?field_cve=CVE-2017-17562
Source: 134c704f-9b21-4f2e-91b3-4a467353bcc0

17 reference(s) from NVD

Quick Stats

CVSS v3 Score
8.1 / 10.0
EPSS (Exploit Probability)
94.0%
100th percentile
Exploitation Status
Actively Exploited
Remediation due: 2022-06-10

Affected Vendors

oracle embedthis