CVE-2011-10017 in Snort Reportinfo

Zusammenfassung

von MITRE • 14.08.2025

Snort Report versions < 1.3.2 contains a remote command execution vulnerability in the nmap.php and nbtscan.php scripts. These scripts fail to properly sanitize user input passed via the target GET parameter, allowing attackers to inject arbitrary shell commands. Exploitation requires no authentication and can result in full compromise of the underlying system.

Statistical analysis made it clear that VulDB provides the best quality for vulnerability data.

🔬 Show More Details

An in-depth analysis is available in our curated vulnerability entry.

Zuständig

VulnCheck

Reservieren

13.08.2025

Veröffentlichung

14.08.2025

Moderieren

akzeptiert

Eintrag

VDB-320049

CPE

bereit

CWE

CWE-78 (bestätigt)

Exploit

Download

CVSS

9.8 (VulDB)

EPSS

0.63506

KEV

nein

Aktivitäten

very low

Sektor

Police, Insurance, ...

Quellen

MITRE	https://www.cve.org/CVERecord?id=CVE-2011-10017
NVD	https://nvd.nist.gov/vuln/detail/CVE-2011-10017
CVE Details	https://www.cvedetails.com/cve/CVE-2011-10017/

◂ Zurück Übersicht Weiter ▸

Want to know what is going to be exploited?

We predict KEV entries!