CVE-2017-14322

CRITICAL

Interspire Email Marketer <6.1.6 - Auth Bypass

Title source: llm

Exploitation Summary

EIP tracks 2 public exploits for CVE-2017-14322. PoCs published by devcoinfet, joesmithjaffa.

AI-analyzed exploit summary: This exploit bypasses authentication in Interspire Email Marketer by manipulating session cookies to forge admin access. It then extracts sensitive configuration data from the admin panel.

Description

In Interspire Email Marketer (IEM) prior to 6.1.6, the function in init.php that checks whether the user is already logged in allows remote attackers to bypass authentication and obtain administrative access by using the IEM_CookieLogin cookie with a specially crafted value.

Exploits (2)

exploitdb WORKING POC
by devcoinfet · python · webapps · php
https://www.exploit-db.com/exploits/44513

This exploit bypasses authentication in Interspire Email Marketer by manipulating session cookies to forge admin access. It then extracts sensitive configuration data from the admin panel.

Classification: Working PoC 95%
Attack Type: Auth Bypass
Complexity: Moderate
Reliability: Reliable
Target: Interspire Email Marketer versions 6.1.3 to 6.1.6
No auth needed
Prerequisites: Access to the target admin login page
devstral-2 · analyzed Feb 16, 2026
nomisec WRITEUP 5 stars
by joesmithjaffa · poc
https://github.com/joesmithjaffa/CVE-2017-14322

This repository provides a detailed writeup and proof-of-concept for CVE-2017-14322, an authentication bypass vulnerability in Interspire Email Marketer. The exploit involves manipulating the IEM_CookieLogin cookie to gain administrative access without valid credentials.

Classification: Writeup 90%
Attack Type: Auth Bypass
Complexity: Trivial
Reliability: Reliable
Target: Interspire Email Marketer prior to version 6.1.6
No auth needed
Prerequisites: Access to the target application · Ability to intercept and modify HTTP requests (e.g., using Burp Suite)
devstral-2 · analyzed Feb 16, 2026

References (3)

Core References
Exploit, Third Party Advisory, VDB Entry exploit x_refsource_exploit-db
https://www.exploit-db.com/exploits/44513/
Mailing List, Third Party Advisory mailing-list x_refsource_fulldisc
http://seclists.org/fulldisclosure/2017/Oct/39

Scores

CVSS v3 9.8
EPSS 0.3650
EPSS Percentile 98.3%
Attack Vector NETWORK
CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

Details

CWE CWE-287
Status published
Products (1)
interspire/email_marketer < 6.1.5
Published Oct 18, 2017
Tracked Since Feb 18, 2026