CVE-2017-7376

CRITICAL

libxml2 < 2.9.5 - Remote Code Execution via Redirect Port Handling

Title source: llm

Exploitation Summary

EIP tracks 1 public exploit for CVE-2017-7376. PoCs published by brahmstaedt.

AI-analyzed exploit summary: This PoC exploits CVE-2017-7376, a buffer overflow in libxml2's nanohttp.c when processing HTTP redirects with overly large port numbers. It includes a custom web server to trigger the vulnerability and a test program to demonstrate the overflow.

Description

Buffer overflow in libxml2 allows remote attackers to execute arbitrary code by leveraging an incorrect limit for port values when handling redirects.

Exploits (1)

nomisec · Working PoC · 2 stars
by brahmstaedt · PoC
https://github.com/brahmstaedt/libxml2-exploit

Classification: Working PoC (95%)
Attack Type: DoS
Complexity: Moderate
Reliability: Reliable
Target: libxml2 v2.7.7
No auth needed
Prerequisites: Vulnerable libxml2 version · Node.js for the HTTP server · Compilation environment
devstral-2 · analyzed Feb 16, 2026

References (7)

Core References
Third Party Advisory: https://source.android.com/security/bulletin/2017-06-01
Third Party Advisory (vendor advisory, Debian): https://www.debian.org/security/2017/dsa-3952
Third Party Advisory, VDB Entry (BID): http://www.securityfocus.com/bid/98877
Issue Tracking, Third Party Advisory: https://bugzilla.redhat.com/show_bug.cgi?id=1462216
Third Party Advisory, VDB Entry (SecurityTracker): http://www.securitytracker.com/id/1038623

Scores

CVSS v3: 9.8
EPSS: 0.2414
EPSS Percentile: 97.6%
Attack Vector: NETWORK
Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

Details

CWE: CWE-119
Status: published
Products (11)
debian/debian_linux 8.0
debian/debian_linux 9.0
google/android 4.4.4
google/android 5.0.2
google/android 5.1.1
google/android 6.0
google/android 6.0.1
google/android 7.0
google/android 7.1.1
google/android 7.1.2
... and 1 more
Published: Feb 19, 2018
Tracked Since: Feb 18, 2026