{"vulnerability": "CVE-2017-16666", "sightings": [{"uuid": "6bc08d30-7338-45fe-97d2-70d432a5982f", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2017-16666", "type": "exploited", "source": "https://www.exploit-db.com/exploits/43430", "content": "", "creation_timestamp": "2018-01-04T00:00:00.000000Z"}, {"uuid": "1fed5e44-fca0-42e4-aeeb-d136e016ff66", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2017-16666", "type": "seen", "source": "MISP/a1e796df-2ad8-4c8d-8b69-737a004e72dd", "content": "", "creation_timestamp": "2025-02-23T04:09:55.000000Z"}, {"uuid": "8aae9bcc-71f1-4704-b678-6fe5eeba3067", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2017-16666", "type": "seen", "source": "MISP/a1e796df-2ad8-4c8d-8b69-737a004e72dd", "content": "", "creation_timestamp": "2025-02-06T03:13:43.000000Z"}, {"uuid": "e194dcb6-6de4-44cd-96c3-7fc72e675b5a", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2017-16666", "type": "seen", "source": "https://github.com/rapid7/metasploit-framework/blob/master/modules/exploits/linux/http/xplico_exec.rb", "content": "", "creation_timestamp": "2018-05-29T15:50:33.000000Z"}, {"uuid": "51cb0d7f-000a-4d47-9937-54667db7592a", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2017-16666", "type": "published-proof-of-concept", "source": "https://t.me/CyberSecurityTechnologies/33", "content": "#exploit\n1. CVE-2017-16666:\nXplico - Unauthenticated RCE\nhttps://pentest.blog/advisory-xplico-unauthenticated-remote-code-execution-cve-2017-16666\n\n2. CVE-2018-7250:\nSecDrvPoolLeak - An uninitialized kernel pool allocation in IOCTL 0xCA002813\nhttps://github.com/Elvin9/SecDrvPoolLeak\n\n3. CVE-2018-11776:\nApache Struts Vulnerability\nhttps://semmle.com/news/apache-struts-CVE-2018-11776\n]-> PoC: https://securitylab.github.com/research/apache-struts-CVE-2018-11776\n\n4. CVE-2018-6194, CVE-2018-6195:\nPHP Object Injection + XSS in WordPress Splashing Images Plugin\nhttps://seclists.org/fulldisclosure/2018/Jan/91", "creation_timestamp": "2024-06-22T09:27:44.000000Z"}]}