CVE-2017-20018

MEDIUM

XAMPP 7.1.1-0-VC14 - Privilege Escalation

Title source: llm

Description

A vulnerability was found in XAMPP 7.1.1-0-VC14. It has been classified as problematic. Affected is an unknown function of the component Installer. The manipulation leads to privilege escalation. It is possible to launch the attack remotely.

References (2)

[Exploit, Mitigation, Third Party Advisory, VDB Entry] https://packetstormsecurity.com/files/142406/xampp-dllhijack.txt

[Third Party Advisory] https://vuldb.com/?id.100950

Scores

CVSS v3 6.3

EPSS 0.0017

EPSS Percentile 38.3%

Attack Vector NETWORK

CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L

Classification

CWE

CWE-427

Status published

Affected Products (1)

apachefriends/xampp

Timeline

Published Jun 09, 2022

Tracked Since Feb 18, 2026