CVE-2017-8852

HIGH

SAP SAPCAR 721.510 - Heap-Based Buffer Overflow via Crafted CAR Archive

Title source: llm
STIX 2.1

Exploitation Summary

EIP tracks 1 public exploit for CVE-2017-8852. PoCs published by Core Security.

AI-analyzed exploit summary This Python script generates a malformed SAPCAR archive file that triggers a heap-based buffer overflow in SAPCAR version 721.510, leading to a segmentation fault and potential local code execution.

Description

SAP SAPCAR 721.510 has a Heap Based Buffer Overflow Vulnerability. It could be exploited with a crafted CAR archive file received from an untrusted remote source. The problem is that the length of data written is an arbitrary number found within the file. The vendor response is SAP Security Note 2441560.

Exploits (1)

exploitdb WORKING POC VERIFIED
by Core Security · pythondoslinux
https://www.exploit-db.com/exploits/41991

This Python script generates a malformed SAPCAR archive file that triggers a heap-based buffer overflow in SAPCAR version 721.510, leading to a segmentation fault and potential local code execution.

Classification
Working Poc 100%
Attack Type
Rce
Complexity
Moderate
Reliability
Reliable
Target: SAP SAPCAR archive tool version 721.510
No auth needed
Prerequisites: Python environment with scapy and pysap libraries · SAPCAR tool installed locally
devstral-2 · analyzed Feb 16, 2026 Full analysis →

References (3)

Core 3
Core References
Exploit, Third Party Advisory exploit x_refsource_exploit-db
https://www.exploit-db.com/exploits/41991/
Third Party Advisory, VDB Entry vdb-entry x_refsource_bid
http://www.securityfocus.com/bid/98350

Scores

CVSS v3 7.8
EPSS 0.0330
EPSS Percentile 86.9%
Attack Vector LOCAL
CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

Details

CWE
CWE-119
Status published
Products (1)
sap/sapcar 721.510
Published May 10, 2017
Tracked Since Feb 18, 2026