Vulnerability identifier: #VU16974

Vulnerability risk: Low

CVSSv3.1: 8.2 [CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:F/RL:O/RC:C]

CVE-ID: CVE-2017-11610

CWE-ID: CWE-77

Exploitation vector: Network

Exploits in database: 3

• March 18, 2020
  • CVE-2017-11610 (Standalone Python ≥3.6 RCE Unauthenticated exploit for Supervisor 3.0a1 to 3.3.2) [Github]
  • Supervisor 3.0a1 < 3.3.2 - XML-RPC Authenticated Remote Code Execution (Metasploit) [Exploit-DB]
  • Supervisor XML-RPC Authenticated Remote Code Execution [Metasploit]

Impact: Code execution

Vulnerable software:
Supervisor
Client/Desktop applications / Other client software

Vendor: Supervisor