CVE-2017-10974

HIGH EXPLOITED NUCLEI

Yaws 1.91 - Unauthenticated Path Traversal via HTTP Directory Traversal with /%5C../

Title source: llm

Exploitation Summary

CVE-2017-10974 has been observed exploited in the wild (reported by VulnCheck KEV). EIP tracks 1 public exploit from researchers including hyp3rlinx. A Nuclei detection template is also available.

AI-analyzed exploit summary: This exploit demonstrates an unauthenticated directory traversal vulnerability in Yaws web server v1.91, allowing remote attackers to read sensitive files such as SSL private keys and access logs via crafted HTTP requests.

Description

Yaws 1.91 allows Unauthenticated Remote File Disclosure via HTTP Directory Traversal with /%5C../ to port 8080. NOTE: this CVE is only about use of an initial /%5C sequence to defeat traversal protection mechanisms; the initial /%5C sequence was apparently not discussed in earlier research on this product.

Exploits (1)

exploitdb WORKING POC
by hyp3rlinx · text · remote · multiple
https://www.exploit-db.com/exploits/42303

Classification: Working PoC 100%
Attack Type: Info Leak
Complexity: Trivial
Reliability: Reliable
Target: Yaws web server v1.91
No auth needed
Prerequisites: network access to the Yaws web server
devstral-2 · analyzed Feb 16, 2026

Nuclei Templates (1)

Yaws 1.91 - Local File Inclusion
HIGH · by 0x_Akoko

References (3)

Core References
Third Party Advisory, VDB Entry vdb-entry x_refsource_bid
http://www.securityfocus.com/bid/99515
Exploit, Third Party Advisory, VDB Entry exploit x_refsource_exploit-db
https://www.exploit-db.com/exploits/42303/

Scores

CVSS v3 7.5
EPSS 0.8103
EPSS Percentile 99.6%
Attack Vector NETWORK
CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N

Details

VulnCheck KEV 2024-01-03
CWE: CWE-22
Status published
Products (1)
yaws/yaws 1.91
Published Jul 07, 2017
Tracked Since Feb 18, 2026