Skip to main content
CVE-2017-8303 CRITICAL POC Act Now

An issue was discovered on Accellion FTA devices before FTA_9_12_180. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

RCE File Transfer Appliance
NVD GitHub
CVSS 3.1
9.8
EPSS
9.6%
CVE-2017-8794 CRITICAL POC Act Now

An issue was discovered on Accellion FTA devices before FTA_9_12_180. Rated critical severity (CVSS 10.0), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

SSRF File Transfer Appliance
NVD GitHub
CVSS 3.0
10.0
EPSS
0.3%
CVE-2017-8786 CRITICAL POC PATCH Act Now

pcre2test.c in PCRE2 10.23 allows remote attackers to cause a denial of service (heap-based buffer overflow) or possibly have unspecified other impact via a crafted regular expression. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available.

Buffer Overflow Denial Of Service Pcre2
NVD
CVSS 3.0
9.8
EPSS
0.7%
CVE-2017-8790 CRITICAL POC Act Now

An issue was discovered on Accellion FTA devices before FTA_9_12_180. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

LDAP Code Injection File Transfer Appliance
NVD GitHub
CVSS 3.0
9.8
EPSS
0.5%
CVE-2017-8796 CRITICAL POC Act Now

An issue was discovered on Accellion FTA devices before FTA_9_12_180. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

SQLi PHP File Transfer Appliance
NVD GitHub
CVSS 3.0
9.8
EPSS
0.3%
CVE-2017-8789 CRITICAL POC Act Now

An issue was discovered on Accellion FTA devices before FTA_9_12_180. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

SQLi PHP File Transfer Appliance
NVD GitHub
CVSS 3.0
9.8
EPSS
0.2%
CVE-2017-8799 CRITICAL PATCH Act Now

Untrusted input execution via igetwild in all iRODS versions before 4.1.11 and 4.2.1 allows other iRODS users (potentially anonymous) to execute remote shell commands via iRODS virtual pathnames. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. This OS Command Injection vulnerability could allow attackers to execute arbitrary operating system commands on the host.

Command Injection Irods
NVD GitHub
CVSS 3.0
9.8
EPSS
0.9%

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy