CVE-2017-7183
HIGHExtraPuTTY < 0.29 - Denial of Service via Large TFTP Message
Title source: llmExploitation Summary
EIP tracks 1 public exploit for CVE-2017-7183. PoCs published by hyp3rlinx.
AI-analyzed exploit summary This exploit targets a Denial of Service (DoS) vulnerability in ExtraPuTTY's TFTP server component by sending malformed UDP packets with oversized payloads. The PoC crashes the server by triggering an access violation.
Description
The TFTP server in ExtraPuTTY 0.30 and earlier allows remote attackers to cause a denial of service (crash) via a large (1) read or (2) write TFTP protocol message.
Exploits (1)
exploitdb
WORKING POC
by hyp3rlinx · textdoswindows
https://www.exploit-db.com/exploits/41639
This exploit targets a Denial of Service (DoS) vulnerability in ExtraPuTTY's TFTP server component by sending malformed UDP packets with oversized payloads. The PoC crashes the server by triggering an access violation.
Classification
Working Poc 95%
Attack Type
Dos
Complexity
Trivial
Reliability
Reliable
Target:
ExtraPuTTY v029_RC2 and v0.30 r15
No auth needed
Prerequisites:
Network access to the target's TFTP server (UDP port 69)
MITRE ATT&CK
devstral-2 · analyzed Feb 16, 2026
Full analysis →
References (4)
Core 4
Core References
Third Party Advisory, VDB Entry vdb-entry
x_refsource_bid
http://www.securityfocus.com/bid/96973
Exploit, Third Party Advisory, VDB Entry x_refsource_misc
http://packetstormsecurity.com/files/141705/ExtraPuTTY-029_rc2-Denial-Of-Service.html
Exploit, Third Party Advisory exploit
x_refsource_exploit-db
https://www.exploit-db.com/exploits/41639/
Third Party Advisory, VDB Entry mailing-list
x_refsource_bugtraq
http://www.securityfocus.com/archive/1/540300/100/0/threaded
Scores
CVSS v3
7.5
EPSS
0.0595
EPSS Percentile
92.3%
Attack Vector
NETWORK
CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
Details
CWE
CWE-20
Status
published
Products (1)
extraputty/extraputty
< 0.29
Published
Mar 27, 2017
Tracked Since
Feb 18, 2026