CVE-2017-7494
Samba Remote Code Execution Vulnerability
Severity Score
Exploit Likelihood
Affected Versions
Public Exploits: 10
Exploited in Wild: Yes
Decision
Descriptions
Samba since version 3.5.0 and before 4.6.4, 4.5.10 and 4.4.14 is vulnerable to a remote code execution vulnerability, allowing a malicious client to upload a shared library to a writable share, and then cause the server to load and execute it.
Samba versions from 3.5.0 and prior to 4.6.4, 4.5.10 and 4.4.14 are vulnerable to remote code execution, which allows a malicious client to upload a shared library to a writable share and then cause the server to load and execute it.
A remote code execution flaw was found in Samba. A malicious authenticated samba client, having write access to the samba share, could use this flaw to execute arbitrary code as root.
Samba contains a remote code execution vulnerability, allowing a malicious client to upload a shared library to a writable share and then cause the server to load and execute it.
CVSS Scores
SSVC
- Decision:-
Timeline
- 2017-04-05 CVE Reserved
- 2017-05-24 CVE Published
- 2017-05-26 First Exploit
- 2023-03-30 Exploited in Wild
- 2023-04-20 KEV Due Date
- 2024-08-05 CVE Updated
- 2024-11-09 EPSS Updated
CWE
- CWE-94: Improper Control of Generation of Code ('Code Injection')
CAPEC
References (26)
URL | Tag | Source |
---|---|---|
http://www.securityfocus.com/bid/98636 | Third Party Advisory | |
http://www.securitytracker.com/id/1038552 | Third Party Advisory | |
https://download.schneider-electric.com/files?p_enDocType=Technical+leaflet&p_File_Name=SEVD-2018-095-01+Security+Notification+Umotion+V1.1.pdf&p_Doc_Ref=SEVD-2018-095-01 | Third Party Advisory | |
https://h20566.www2.hpe.com/hpsc/doc/public/display?docLocale=en_US&docId=emr_na-hpesbns03755en_us | Third Party Advisory | |
https://h20566.www2.hpe.com/hpsc/doc/public/display?docLocale=en_US&docId=emr_na-hpesbux03759en_us | Third Party Advisory | |
https://security.netapp.com/advisory/ntap-20170524-0001 | Third Party Advisory |

URL | Date | SRC |
---|---|---|
https://github.com/opsxcq/exploit-CVE-2017-7494 | 2022-12-27 | |
https://www.exploit-db.com/exploits/42060 | 2024-08-05 | |
https://www.exploit-db.com/exploits/42084 | 2024-08-05 | |
https://github.com/joxeankoret/CVE-2017-7494 | 2021-03-09 | |
https://github.com/homjxi0e/CVE-2017-7494 | 2017-05-26 | |
https://github.com/0xm4ud/noSAMBAnoCRY-CVE-2017-7494 | 2021-08-27 | |
https://github.com/incredible1yu/CVE-2017-7494 | 2018-05-10 | |
https://github.com/00mjk/exploit-CVE-2017-7494 | 2022-05-08 | |
https://github.com/Zer0d0y/Samba-CVE-2017-7494 | 2018-03-28 | |
https://github.com/adjaliya/-CVE-2017-7494-Samba-Exploit-POC | 2021-09-29 |

URL | Date | SRC |
---|---|---|
https://www.samba.org/samba/security/CVE-2017-7494.html | 2022-08-16 |

URL | Date | SRC |
---|---|---|
http://www.debian.org/security/2017/dsa-3860 | 2022-08-16 | |
https://access.redhat.com/errata/RHSA-2017:1270 | 2022-08-16 | |
https://access.redhat.com/errata/RHSA-2017:1271 | 2022-08-16 | |
https://access.redhat.com/errata/RHSA-2017:1272 | 2022-08-16 | |
https://access.redhat.com/errata/RHSA-2017:1273 | 2022-08-16 | |
https://access.redhat.com/errata/RHSA-2017:1390 | 2022-08-16 | |
https://security.gentoo.org/glsa/201805-07 | 2022-08-16 | |
https://access.redhat.com/security/cve/CVE-2017-7494 | 2017-06-05 | |
https://bugzilla.redhat.com/show_bug.cgi?id=1450347 | 2017-06-05 |
Affected Vendors, Products, and Versions
Vendor | Product | Version | Other | Status |
---|---|---|---|---|
Samba | Samba | >= 3.5.0 < 4.4.0 | - | Affected |
Samba | Samba | >= 4.4.0 < 4.4.14 | - | Affected |
Samba | Samba | >= 4.5.0 < 4.5.10 | - | Affected |
Samba | Samba | >= 4.6.0 < 4.6.4 | - | Affected |
Debian | Debian Linux | 8.0 | - | Affected |