CVE-2017-7577

CRITICAL EXPLOITED

XiongMai uc-httpd - Path Traversal via GET Request

Title source: llm

Exploitation Summary

CVE-2017-7577 has been observed exploited in the wild (reported by VulnCheck KEV). EIP tracks 1 public exploit.

AI-analyzed exploit summary: This repository contains a functional exploit for CVE-2017-7577, targeting Watchguard XCS appliances. It combines an unauthenticated SQL injection to create a valid user and a command injection vulnerability to achieve remote code execution as the 'nobody' user.

Description

XiongMai uc-httpd has directory traversal allowing the reading of arbitrary files via a "GET ../" HTTP request.

Exploits (1)

vulncheck_xdb WORKING POC
remote
https://github.com/threat9/routersploit

Classification
Working PoC 95%
Attack Type: RCE
Complexity: Moderate
Reliability: Reliable
Target: Watchguard XCS 9.2/10.0
No auth needed
Prerequisites: Network access to the target appliance
devstral-2 · analyzed May 22, 2026

References (1)

Core 1
Core References
Exploit, Third Party Advisory x_refsource_misc
http://zeroday.insecurity.zone/exploits/uc-httpd_lfi.txt

Scores

CVSS v3 9.8
EPSS 0.0564
EPSS Percentile 90.6%
Attack Vector NETWORK
CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

Details

VulnCheck KEV 2026-05-22
CWE CWE-22
Status published
Products (1)
xiongmaitech/uc-httpd
Published Apr 07, 2017
Tracked Since Feb 18, 2026