CVE-2017-15220

CRITICAL

Flexense VX Search Enterprise 10.1.12 - Remote Code Execution via Buffer Overflow in Long URI

Title source: llm

Exploitation Summary

EIP tracks 2 public exploits for CVE-2017-15220. PoCs published by Revnic Vasile, vasilerevnic.

AI-analyzed exploit summary This exploit targets a remote buffer overflow in VX Search Enterprise v10.1.12 via a crafted HTTP POST request. It uses an egghunter and shellcode to achieve remote code execution on the target system.

Description

Flexense VX Search Enterprise 10.1.12 is vulnerable to a buffer overflow via an empty POST request to a long URI beginning with a /../ substring. This allows remote attackers to execute arbitrary code.

Exploits (2)

exploitdb WORKING POC

by Revnic Vasile · pythonremotewindows

https://www.exploit-db.com/exploits/42973

View Code ZIP pw:eip

This exploit targets a remote buffer overflow in VX Search Enterprise v10.1.12 via a crafted HTTP POST request. It uses an egghunter and shellcode to achieve remote code execution on the target system.

Classification

Working Poc 95%

Attack Type

Rce

Complexity

Moderate

Reliability

Reliable

Target: VX Search Enterprise v10.1.12

No auth needed

Prerequisites: Network access to the target system · VX Search Enterprise v10.1.12 running on the target

MITRE ATT&CK

T1190 - Exploit Public-Facing Application T1203 - Exploitation for Client Execution

devstral-2 · analyzed Feb 16, 2026 Full analysis →

nomisec WORKING POC

by vasilerevnic · poc

https://github.com/vasilerevnic/CVE-2017-15220-vxsearch-rce

View Code ZIP pw:eip

This repository contains a functional exploit for CVE-2017-15220, a remote buffer overflow in VX Search Enterprise 10.1.12. The exploit uses a crafted HTTP POST request to trigger the vulnerability and execute arbitrary shellcode via an egghunter technique.

Classification

Working Poc 100%

Attack Type

Rce

Complexity

Moderate

Reliability

Reliable

Target: VX Search Enterprise 10.1.12

No auth needed

Prerequisites: Network access to the target · Target running VX Search Enterprise 10.1.12

MITRE ATT&CK

T1190 - Exploit Public-Facing Application T1059 - Command and Scripting Interpreter T1203 - Exploitation for Client Execution

devstral-2 · analyzed Mar 10, 2026 Full analysis →

References (1)

Core 1

Core References

Third Party Advisory, VDB Entry exploit x_refsource_exploit-db

https://www.exploit-db.com/exploits/42973/

Scores

CVSS v3 9.8

EPSS 0.0710

EPSS Percentile 93.4%

Attack Vector NETWORK

CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

Details

CWE

CWE-119

Status published

Products (1)

flexense/vx_search 10.1.12

Published Oct 11, 2017

Tracked Since Feb 18, 2026