{"vulnerability": "CVE-2017-16651", "sightings": [{"uuid": "b5ef396f-1220-4234-a3e1-42c947444b05", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2017-16651", "type": "seen", "source": "MISP/3c19819c-1dac-4ef2-bfed-be5efa7e0123", "content": "", "creation_timestamp": "2021-11-20T09:53:52.000000Z"}, {"uuid": "af12d236-40b5-4b2f-8e5b-8b2329c152bd", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2017-16651", "type": "seen", "source": "MISP/f5030aca-7d5a-43a4-ae03-8f4ac8e85422", "content": "", "creation_timestamp": "2021-11-08T08:58:19.000000Z"}, {"uuid": "d0c119ed-f946-47dd-a9cd-d109828ea7ca", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2017-16651", "type": "seen", "source": "MISP/81bb14c6-8c20-4f46-ac9a-58a8fa884df3", "content": "", "creation_timestamp": "2024-11-14T06:08:10.000000Z"}, {"uuid": "1d2bc2f0-0552-4d7c-8e1b-5303c1237c61", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2017-16651", "type": "seen", "source": "https://feedsin.space/feed/CISAKevBot/items/2970942", "content": "", "creation_timestamp": "2024-12-24T20:22:05.021072Z"}, {"uuid": "807777ea-6ec1-486a-b89a-8738ae0f9bbe", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2017-16651", "type": "seen", "source": "MISP/a1e796df-2ad8-4c8d-8b69-737a004e72dd", "content": "", "creation_timestamp": "2025-02-06T03:13:43.000000Z"}, {"uuid": "8813c43c-373d-429a-acf6-32f7328b1191", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2017-16651", "type": "seen", "source": "MISP/3c19819c-1dac-4ef2-bfed-be5efa7e0123", "content": "", "creation_timestamp": "2025-02-23T02:09:39.000000Z"}, {"uuid": "eeeeb827-a920-441c-832e-e4286399218f", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2017-16651", "type": "seen", "source": "MISP/a1e796df-2ad8-4c8d-8b69-737a004e72dd", "content": "", "creation_timestamp": "2025-02-23T04:09:55.000000Z"}, {"uuid": "655d4f1e-2892-41a4-8621-487003db0ae1", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2017-16651", "type": "seen", "source": "MISP/a9d21043-f825-4bac-8d2b-56fb9e8343e7", "content": "", "creation_timestamp": "2025-10-23T21:12:58.000000Z"}, {"uuid": "9b2ad406-8c34-4e5a-9cbf-6ab1452da6c7", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2017-16651", "type": "seen", "source": "https://github.com/rapid7/metasploit-framework/blob/master/modules/auxiliary/gather/roundcube_auth_file_read.rb", "content": "", "creation_timestamp": "2023-09-06T14:59:44.000000Z"}, {"uuid": "d04f2b6b-811d-4698-b3d1-00b0c0f57485", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "af0120d0-3dac-4a6a-974b-a9f33d2a9846", "vulnerability": "CVE-2017-16651", "type": "exploited", "source": "https://vulnerability.circl.lu/known-exploited-vulnerabilities-catalog/4619d914-32fd-4c50-9caa-9316a0e61f4a", "content": "", "creation_timestamp": "2026-02-02T12:29:01.454621Z"}, {"uuid": "fc771d0e-c3ef-4edc-b580-38d08a7a2156", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2017-16651", "type": "exploited", "source": "https://t.me/arpsyndicate/1135", "content": "#ExploitObserverAlert\n\nCVE-2017-16651\n\nDESCRIPTION: Exploit Observer has 9 entries related to CVE-2017-16651. Roundcube Webmail before 1.1.10, 1.2.x before 1.2.7, and 1.3.x before 1.3.3 allows unauthorized access to arbitrary files on the host's filesystem, including configuration files, as exploited in the wild in November 2017. The attacker must be able to authenticate at the target system with a valid username/password as the attack requires an active session. The issue is related to file-based attachment plugins and _task=settings", "creation_timestamp": "2023-12-04T06:32:43.000000Z"}]}