CVE-2018-13417

CRITICAL

Vuze Bittorrent Client 5.7.6.0 - XML External Entity Injection via SSDP/UPnP XML Parser

Title source: llm

Exploitation Summary

EIP tracks 1 public exploit for CVE-2018-13417. PoCs published by Chris Moberly.

AI-analyzed exploit summary This exploit demonstrates an Out-of-Band XXE vulnerability in Vuze Bittorrent Client's SSDP processing, allowing unauthenticated attackers on the same LAN to access arbitrary files, capture NetNTLM hashes, or achieve remote command execution via SMB relay attacks.

Description

In Vuze Bittorrent Client 5.7.6.0, the XML parsing engine for SSDP/UPnP functionality is vulnerable to an XML External Entity Processing (XXE) attack. Remote, unauthenticated attackers can use this vulnerability to: (1) Access arbitrary files from the filesystem with the same permission as the user account running Vuze, (2) Initiate SMB connections to capture a NetNTLM challenge/response and crack to cleartext password, or (3) Initiate SMB connections to relay a NetNTLM challenge/response and achieve Remote Command Execution in Windows domains.

Exploits (1)

exploitdb WORKING POC

by Chris Moberly · textwebappsxml

https://www.exploit-db.com/exploits/45145

View Code ZIP pw:eip

This exploit demonstrates an Out-of-Band XXE vulnerability in Vuze Bittorrent Client's SSDP processing, allowing unauthenticated attackers on the same LAN to access arbitrary files, capture NetNTLM hashes, or achieve remote command execution via SMB relay attacks.

Classification

Working Poc 100%

Attack Type

Info Leak

Complexity

Moderate

Reliability

Reliable

Target: Vuze Bittorrent Client 5.7.6.0

No auth needed

Prerequisites: Network access to the same LAN as the target · Vuze client running and discoverable via SSDP

MITRE ATT&CK

T1190 - Exploit Public-Facing Application T1213 - Data from Information Repositories

devstral-2 · analyzed Feb 16, 2026 Full analysis →

References (2)

Core 2

Core References

Exploit, Mailing List, Technical Description, Third Party Advisory mailing-list x_refsource_fulldisc

http://seclists.org/fulldisclosure/2018/Aug/2

Exploit, Technical Description, Third Party Advisory, VDB Entry exploit x_refsource_exploit-db

https://www.exploit-db.com/exploits/45145/

Scores

CVSS v3 9.8

EPSS 0.2069

EPSS Percentile 97.2%

Attack Vector NETWORK

CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

Details

CWE

CWE-611

Status published

Products (1)

vuze/bittorrent_client 5.7.6.0

Published Aug 13, 2018

Tracked Since Feb 18, 2026