CVE-2017-6622

CRITICAL

Cisco Prime Collaboration Provisioning < 12.1 - Unauthenticated Command Injection via HTTP Request

Title source: llm

Exploitation Summary

EIP tracks 1 public exploit for CVE-2017-6622. PoCs published by Adam Brown.

AI-analyzed exploit summary: This exploit leverages an authentication bypass in Cisco Prime Collaboration Provisioning's ScriptMgr servlet to execute arbitrary Java code via the 'scripttext' parameter, resulting in a reverse shell. The payload uses a named pipe and netcat for command execution.

Description

A vulnerability in the web interface for Cisco Prime Collaboration Provisioning could allow an unauthenticated, remote attacker to bypass authentication and perform command injection with root privileges. The vulnerability is due to missing security constraints in certain HTTP request methods, which could allow access to files via the web interface. An attacker could exploit this vulnerability by sending a crafted HTTP request to the targeted application. This vulnerability affects Cisco Prime Collaboration Provisioning Software Releases prior to 12.1. Cisco Bug IDs: CSCvc98724.

Exploits (1)

exploitdb WORKING POC
by Adam Brown · bash · remote · hardware
https://www.exploit-db.com/exploits/42888

Classification: Working PoC 95%
Attack Type: RCE
Complexity: Trivial
Reliability: Reliable
Target: Cisco Prime Collaboration Provisioning < 12.1
No auth needed
Prerequisites: Network access to target · Netcat listener on attacker machine
devstral-2 · analyzed Feb 16, 2026

References (4)

Core References
Third Party Advisory, VDB Entry vdb-entry x_refsource_sectrack
http://www.securitytracker.com/id/1038507
Third Party Advisory, VDB Entry vdb-entry x_refsource_bid
http://www.securityfocus.com/bid/98520
Exploit, Third Party Advisory exploit x_refsource_exploit-db
https://www.exploit-db.com/exploits/42888/

Scores

CVSS v3 9.8
EPSS 0.6217
EPSS Percentile 99.1%
Attack Vector NETWORK
CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

Details

CWE: CWE-264, CWE-862
Status: published
Products (11)
cisco/prime_collaboration_provisioning 9.0.0
cisco/prime_collaboration_provisioning 9.5.0
cisco/prime_collaboration_provisioning 10.0.0
cisco/prime_collaboration_provisioning 10.5.0
cisco/prime_collaboration_provisioning 10.5.1
cisco/prime_collaboration_provisioning 10.6.0
cisco/prime_collaboration_provisioning 10.6.2
cisco/prime_collaboration_provisioning 11.0.0
cisco/prime_collaboration_provisioning 11.1.0
cisco/prime_collaboration_provisioning 11.5.0
... and 1 more
Published May 18, 2017
Tracked Since Feb 18, 2026