CVE-2017-1000170
published 2017-11-17

CVE-2017-1000170: jqueryFileTree 2.1.5 and older Directory Traversal

Priority: P1 81 high
CVSS 3.1: 7.5 (AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N)
ITW / EXPLOIT / VulnCheck KEV: Exploited in the wild
EPSS: 57.61% (99.0th percentile)

Affected (2 ranges)

Vendor                  Product          Version range   Fixed in
jqueryfiletree_project  jqueryfiletree   <= 2.1.5
jqueryfiletree_project  jqueryfiletree   0 – 2.1.5

Detection & IOCs (extracted from sources)

path: /wp-content/plugins/delightful-downloads/assets/vendor/jqueryFileTree/connectors/jqueryFileTree.php
command: POST /wp-content/plugins/delightful-downloads/assets/vendor/jqueryFileTree/connectors/jqueryFileTree.php body: dir=%2Fetc%2F&onlyFiles=true
filename: jqueryFileTree.php
  • Look for POST requests to the vulnerable connector path with a body containing 'dir=%2F' (URL-encoded path traversal) and 'onlyFiles=true'
  • Responses from a vulnerable target will contain both a jqueryfiletree HTML structure and references to sensitive files such as 'passwd'; match both words in the response body
  • Exploit tool fingerprints a vulnerable host by checking that the response to a POST with dir=/ matches the pattern 'jqueryfiletree.*(bin|boot|dev|etc|var|usr|windows|users|temp)' (case-insensitive)
  • The Nuclei template targets WordPress installations specifically; the vulnerable path is under the 'delightful-downloads' WordPress plugin directory. Standalone jqueryFileTree deployments may expose the connector at a different path.
  • The exploit title references version 1.6.6 of the WordPress plugin while the CVE covers jqueryFileTree 2.1.5 and older; both are affected by the same directory traversal issue.
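The detection bullets above can be turned into a small triage check for logged requests and responses. The following is an added example written for this page, not code from the CVE sources or from any Nuclei template or exploit tool; it assumes request records have already been captured as dicts with method, path, body and (optionally) response, and the sample traffic at the bottom is constructed. It generalizes the first bullet slightly: any 'dir' value that starts with a slash or contains '..' is treated as escaping the connector's root, and the plugin path plus 'onlyFiles=true' are recorded as corroborating signals rather than required ones, so standalone deployments at other paths are still flagged.

```python
import re
from urllib.parse import parse_qs

# Connector path named in the IOCs above (WordPress "delightful-downloads" bundle).
CONNECTOR_PATH = ("/wp-content/plugins/delightful-downloads/assets/vendor/"
                  "jqueryFileTree/connectors/jqueryFileTree.php")

# Response fingerprint quoted above; a hit together with "passwd" means the
# connector listed an OS directory rather than its configured root.
RESPONSE_FINGERPRINT = re.compile(
    r"jqueryfiletree.*(bin|boot|dev|etc|var|usr|windows|users|temp)", re.I | re.S)


def traversal_reasons(method, path, body):
    """Return the indicators a request matches (empty list = no match).

    Only requests whose 'dir' parameter escapes a relative root count; the
    known connector path and onlyFiles=true are added as corroborating signals.
    """
    if method.upper() != "POST" or not path.lower().endswith("/jqueryfiletree.php"):
        return []
    params = parse_qs(body, keep_blank_values=True)  # percent-decodes values
    escaping = [d for d in params.get("dir", [])
                if d.startswith("/") or d.startswith("\\") or ".." in d]
    if not escaping:
        return []
    reasons = [f"dir escapes root: {d!r}" for d in escaping]
    if params.get("onlyFiles", [""])[0].lower() == "true":
        reasons.append("onlyFiles=true")
    if path == CONNECTOR_PATH:
        reasons.append("known delightful-downloads connector path")
    return reasons


def response_confirms(response_body):
    """True when the response shows the tree markup plus an OS-level listing."""
    return (RESPONSE_FINGERPRINT.search(response_body) is not None
            and "passwd" in response_body.lower())


def scan(records):
    """records: iterable of dicts with method, path, body and optional response.

    Returns (index, reasons, confirmed) for every request that matches.
    """
    hits = []
    for i, r in enumerate(records):
        reasons = traversal_reasons(r["method"], r["path"], r.get("body", ""))
        if reasons:
            hits.append((i, reasons, response_confirms(r.get("response", ""))))
    return hits


# Constructed sample traffic for illustration (not real captures).
SAMPLE = [
    {"method": "POST", "path": CONNECTOR_PATH,
     "body": "dir=%2Fetc%2F&onlyFiles=true",
     "response": '<ul class="jqueryFileTree"><li class="file ext_">'
                 '<a href="#" rel="/etc/passwd">passwd</a></li></ul>'},
    {"method": "POST", "path": CONNECTOR_PATH,
     "body": "dir=uploads%2F2017%2F&onlyFiles=false",
     "response": '<ul class="jqueryFileTree"><li class="file ext_pdf">report.pdf</li></ul>'},
    {"method": "POST", "path": "/filetree/connectors/jqueryFileTree.php",
     "body": "dir=..%2F..%2F..%2F"},
    {"method": "GET", "path": CONNECTOR_PATH, "body": ""},
]

if __name__ == "__main__":
    for idx, reasons, confirmed in scan(SAMPLE):
        status = "CONFIRMED" if confirmed else "suspect"
        print(f"record {idx}: {status} -> {'; '.join(reasons)}")
```

Against the constructed sample, record 0 is reported as confirmed (all three request indicators plus the response fingerprint), record 2 as suspect only (traversal in 'dir' at a non-WordPress path, no response captured), and the benign listing and the GET are ignored. A real deployment would feed this from a WAF or reverse-proxy log that retains POST bodies; standard access logs do not.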

CVSS provenance

Source     Version  Score  Severity  Vector
nvd        v3.1     7.5    HIGH      CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
nvd        v2.0     5.0    MEDIUM    AV:N/AC:L/Au:N/C:P/I:N/A:N
vulncheck           7.5    HIGH