Skip to main content
CVE-2017-7494 CRITICAL POC KEV PATCH THREAT Act Now

Samba since version 3.5.0 and before 4.6.4, 4.5.10 and 4.4.14 is vulnerable to remote code execution vulnerability, allowing a malicious client to upload a shared library to a writable share, and. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Actively exploited in the wild (cisa kev) and public exploit code available.

Code Injection RCE
NVD Exploit-DB
CVSS 3.1
9.8
EPSS
94.2%
Threat
7.8

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy