CVE-2017-17672

CRITICAL

vBulletin < 5.3.3 - Unauthenticated Deserialization via Template Cache API

Title source: llm
STIX 2.1

Exploitation Summary

EIP tracks 1 public exploit for CVE-2017-17672. PoCs published by SecuriTeam.

AI-analyzed exploit summary This exploit demonstrates an unauthenticated deserialization vulnerability in vBulletin 5, allowing arbitrary file deletion via a crafted POST request to the cacheTemplates API endpoint. The PoC leverages PHP's unserialize() on user-supplied input to manipulate the vB_Image_ImageMagick object.

Description

In vBulletin through 5.3.x, there is an unauthenticated deserialization vulnerability that leads to arbitrary file deletion and, under certain circumstances, code execution, because of unsafe usage of PHP's unserialize() in vB_Library_Template's cacheTemplates() function, which is a publicly exposed API. This is exploited with the templateidlist parameter to ajax/api/template/cacheTemplates.

Exploits (1)

exploitdb WORKING POC
by SecuriTeam · webappsmultiple
https://www.exploit-db.com/exploits/43362

This exploit demonstrates an unauthenticated deserialization vulnerability in vBulletin 5, allowing arbitrary file deletion via a crafted POST request to the cacheTemplates API endpoint. The PoC leverages PHP's unserialize() on user-supplied input to manipulate the vB_Image_ImageMagick object.

Classification
Working Poc 95%
Attack Type
Deserialization
Complexity
Moderate
Reliability
Reliable
Target: vBulletin 5
No auth needed
Prerequisites: vBulletin 5 installation · access to the /ajax/api/template/cacheTemplates endpoint
devstral-2 · analyzed Feb 16, 2026 Full analysis →

References (2)

Core 2
Core References
Exploit, Third Party Advisory, VDB Entry exploit x_refsource_exploit-db
https://www.exploit-db.com/exploits/43362/
Exploit, Third Party Advisory x_refsource_misc
https://blogs.securiteam.com/index.php/archives/3573

Scores

CVSS v3 9.8
EPSS 0.1491
EPSS Percentile 96.3%
Attack Vector NETWORK
CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

Details

CWE
CWE-502
Status published
Products (2)
vbulletin/vbulletin 5.0.0 beta_11 (2 CPE variants)
vbulletin/vbulletin 5.0.1 - 5.3.3
Published Dec 14, 2017
Tracked Since Feb 18, 2026