CVE-2017-2800

CRITICAL

wolfSSL < 3.10.2 - Certificate Validation Bypass via Crafted x509 Certificate

Title source: llm
STIX 2.1

Exploitation Summary

EIP tracks 1 public exploit for CVE-2017-2800. PoCs published by Talos.

AI-analyzed exploit summary This exploit demonstrates an off-by-one write vulnerability in wolfSSL's x509 certificate parsing, leading to potential RCE or DoS. The PoC includes a crafted certificate generated via OpenSSL that triggers the vulnerability.

Description

A specially crafted x509 certificate can cause a single out of bounds byte overwrite in wolfSSL through 3.10.2 resulting in potential certificate validation vulnerabilities, denial of service and possible remote code execution. In order to trigger this vulnerability, the attacker needs to supply a malicious x509 certificate to either a server or a client application using this library.

Exploits (1)

exploitdb WORKING POC
by Talos · textdosmultiple
https://www.exploit-db.com/exploits/41984

This exploit demonstrates an off-by-one write vulnerability in wolfSSL's x509 certificate parsing, leading to potential RCE or DoS. The PoC includes a crafted certificate generated via OpenSSL that triggers the vulnerability.

Classification
Working Poc 100%
Attack Type
Rce
Complexity
Moderate
Reliability
Reliable
Target: wolfSSL library versions up to 3.10.2
No auth needed
Prerequisites: A malicious x509 certificate supplied to a server or client using wolfSSL
devstral-2 · analyzed Feb 16, 2026 Full analysis →

References (2)

Core 2
Core References
Exploit, Third Party Advisory, VDB Entry exploit x_refsource_exploit-db
https://www.exploit-db.com/exploits/41984/
Exploit, Third Party Advisory x_refsource_misc
https://talosintelligence.com/vulnerability_reports/TALOS-2017-0293

Scores

CVSS v3 9.8
EPSS 0.0853
EPSS Percentile 94.3%
Attack Vector NETWORK
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

Details

CWE
CWE-295
Status published
Products (2)
wolfssl/wolfssl < 3.10.2
wolfSSL/wolfSSL 3.10.2
Published May 24, 2017
Tracked Since Feb 18, 2026