CVE-2017-5869

HIGH

Nuxeo Platform 6.0, 7.1-7.3 - Authenticated Path Traversal and Remote Code Execution via X-File-Name Header

Title source: llm
STIX 2.1

Exploitation Summary

EIP tracks 1 public exploit for CVE-2017-5869. PoCs published by Sysdream.

AI-analyzed exploit summary This Metasploit module exploits an authenticated file upload vulnerability in Nuxeo Platform (CVE-2017-5869) by uploading a malicious JSP file to an arbitrary location via the `X-File-Name` header, leading to remote code execution.

Description

Directory traversal vulnerability in the file import feature in Nuxeo Platform 6.0, 7.1, 7.2, and 7.3 allows remote authenticated users to upload and execute arbitrary JSP code via a .. (dot dot) in the X-File-Name header.

Exploits (1)

exploitdb WORKING POC
by Sysdream · rubywebappsjsp
https://www.exploit-db.com/exploits/41748

This Metasploit module exploits an authenticated file upload vulnerability in Nuxeo Platform (CVE-2017-5869) by uploading a malicious JSP file to an arbitrary location via the `X-File-Name` header, leading to remote code execution.

Classification
Working Poc 100%
Attack Type
Rce
Complexity
Moderate
Reliability
Reliable
Target: Nuxeo Platform 6.0 to 7.3
Auth required
Prerequisites: Valid credentials for Nuxeo Platform · Network access to the target
devstral-2 · analyzed Feb 16, 2026 Full analysis →

References (4)

Core 4
Core References
Exploit, Mailing List, Patch, Third Party Advisory mailing-list x_refsource_mlist
http://www.openwall.com/lists/oss-security/2017/03/23/6
Exploit, Third Party Advisory exploit x_refsource_exploit-db
https://www.exploit-db.com/exploits/41748/
Third Party Advisory, VDB Entry vdb-entry x_refsource_bid
http://www.securityfocus.com/bid/97083

Scores

CVSS v3 8.8
EPSS 0.3458
EPSS Percentile 98.2%
Attack Vector NETWORK
CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

Details

CWE
CWE-22
Status published
Products (4)
nuxeo/nuxeo 6.0
nuxeo/nuxeo 7.1
nuxeo/nuxeo 7.2
nuxeo/nuxeo 7.3
Published Mar 24, 2017
Tracked Since Feb 18, 2026