cbcvebase.
CVE-2017-1000215
published 2017-11-17

CVE-2017-1000215: ROOT xrootd version 4.6.0 and below is vulnerable to an unauthenticated shell command injection resulting in remote code execution

Priority: P2 · 66 · critical · 9.8 (CVSS 3.0)
AV:N / AC:L / PR:N / UI:N / S:U / C:H / I:H / A:H
EPSS: 6.47% (92.9th percentile)
ROOT xrootd version 4.6.0 and below is vulnerable to an unauthenticated shell command injection resulting in remote code execution

Affected

2 ranges

Vendor | Product | Version range | Fixed in
debian | xrootd |  |
xrootd | xrootd | <= 4.6.0 |

Detection & IOCs (extracted from sources)

  • Vulnerability affects ROOT xrootd version 4.6.0 and below; any xrootd process running version <= 4.6.0 should be flagged as potentially exploitable for unauthenticated shell command injection / RCE
  • The vulnerability is exploitable without authentication, meaning no credentials or prior access are required to trigger the shell command injection; ensure xrootd services are not exposed to untrusted networks on any version <= 4.6.0
  • Debian distributions (bookworm, bullseye, forky, sid, trixie) have resolved this CVE; verify patched packages are deployed in Debian-based environments

CVSS provenance

nvd | v3.0 | 9.8 | CRITICAL | CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
nvd | v2.0 | 10.0 | CRITICAL | AV:N/AC:L/Au:N/C:C/I:C/A:C
vendor_debian | 9.8 | LOW