CVE-2017-7237

CRITICAL

Spiceworks Inventory <7.5 - Path Traversal

Title source: llm

Description

The Spiceworks TFTP Server, as distributed with Spiceworks Inventory 7.5, allows remote attackers to access the Spiceworks data\configurations directory by leveraging the unauthenticated nature of the TFTP service for all clients who can reach UDP port 69, as demonstrated by a WRQ (aka Write request) operation for a configuration file or an executable file.

Exploits (1)

exploitdb WRITEUP

by hyp3rlinx · textremotewindows

https://www.exploit-db.com/exploits/41825

View Code ZIP pw:eip

References (3)

[Exploit, Third Party Advisory] http://hyp3rlinx.altervista.org/advisories/SPICEWORKS-IMPROPER-ACCESS-CONTROL-FILE-OVERWRITE.txt

[Vendor Advisory] https://community.spiceworks.com/support/inventory/docs/network-config#security

[Exploit, Third Party Advisory, VDB Entry] https://www.exploit-db.com/exploits/41825/

Scores

CVSS v3 9.8

EPSS 0.1320

EPSS Percentile 94.2%

Attack Vector NETWORK

CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

Details

Status published

Products (1)

spiceworks/spiceworks 7.5

Published Apr 06, 2017

Tracked Since Feb 18, 2026