CVE-2017-17849
Published 2017-12-27
Priority P267 · critical · 9.8 (CVSS 3.0)
AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
EXPLOIT
EPSS: 19.02% (97.0th percentile)
A buffer overflow vulnerability in GetGo Download Manager 5.3.0.2712 and earlier could allow remote HTTP servers to execute arbitrary code on NAS devices via a long response.
Affected
1 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| getgosoft | getgo_download_manager | <= 5.3.0.2712 | — |
Detection & IOCs (extracted from sources)
- The overflow is triggered via a long HTTP response header/status line. Monitor for HTTP responses with extremely long status lines (>4000 bytes) being received by GetGo Download Manager processes.
- SEH chain corruption is the exploitation mechanism. The SEH overwrite occurs at offset 4104 bytes (Windows 7 x86). Detect abnormal SEH chain entries in the GetGo Download Manager process.
- The attack requires the victim to initiate a download from an attacker-controlled server. Suspicious outbound connections from GetGo Download Manager to untrusted IPs on port 80 followed by a crash should be investigated.
- The hardcoded EIP value (\x69\x9E\x45\x76) in the PoC is explicitly noted as demo-only and environment-specific; real exploits would use a different return address depending on the target OS and loaded modules.
- The PoC was tested on Windows 7 x86 and Windows 10 x64; SEH offsets and exploit reliability may differ across OS versions and architectures.
- CVE-2017-17849 affects GetGo Download Manager 5.3.0.2712 and earlier per the NVD advisory, but a separate PoC targets version 6.2.1.3200, suggesting the vulnerability may persist in later versions.
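The first detection note above, as an added example (not part of the original page or of either PoC): a Python check that flags an HTTP response whose status line or any header line exceeds the 4000-byte threshold. The function name, the raw-stream input and the sample responses are assumptions constructed for illustration.

```python
# Added example: flag over-long lines in an HTTP response head.
from typing import List, Tuple

LINE_LIMIT = 4000  # bytes; threshold taken from the detection note

def oversized_head_lines(raw: bytes, limit: int = LINE_LIMIT) -> List[Tuple[str, int]]:
    """Return (line_kind, length) for each over-limit line in the response head.

    `raw` is the start of a reassembled server-to-client stream (hypothetical
    input, e.g. exported from a proxy or pcap tool). The body is ignored.
    """
    if not raw.startswith(b"HTTP/"):
        return []  # not an HTTP response; out of scope for this check
    # The head ends at the first blank line; accept CRLF or bare LF endings.
    # If no blank line has arrived yet, inspect everything received so far,
    # so an unterminated oversized status line is still reported.
    end = len(raw)
    for sep in (b"\r\n\r\n", b"\n\n"):
        idx = raw.find(sep)
        if idx != -1:
            end = min(end, idx)
    findings = []
    for i, line in enumerate(raw[:end].split(b"\n")):
        line = line.rstrip(b"\r")
        if len(line) > limit:
            if i == 0:
                kind = "status-line"
            else:
                name = line.split(b":", 1)[0][:32].decode("latin-1")
                kind = "header:" + name
            findings.append((kind, len(line)))
    return findings

# Constructed sample streams (filler bytes only, no payload).
BENIGN = b"HTTP/1.1 200 OK\r\nContent-Type: text/html\r\n\r\n" + b"C" * 9000
LONG_STATUS = b"HTTP/1.1 200 " + b"A" * 5000 + b"\r\n\r\n"
LONG_HEADER = b"HTTP/1.1 200 OK\r\nX-Filler: " + b"B" * 4500 + b"\r\n\r\n"
UNTERMINATED = b"HTTP/1.1 200 " + b"A" * 6000  # no line ending received yet

if __name__ == "__main__":
    for label, stream in [("benign", BENIGN), ("long status", LONG_STATUS),
                          ("long header", LONG_HEADER), ("unterminated", UNTERMINATED)]:
        print(label, oversized_head_lines(stream))
```

A large response body does not trigger the check, because only the lines before the first blank line are measured.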
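CVSS provenance
| Source | Version | Score | Severity | Vector |
|---|---|---|---|---|
| nvd | v3.0 | 9.8 | CRITICAL | CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H |
| nvd | v2.0 | 10.0 | CRITICAL | AV:N/AC:L/Au:N/C:C/I:C/A:C |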
No detection rules found.
Exploit-DB
GetGo Download Manager 6.2.1.3200 - Denial of Service (PoC)
exploitdb·2018-07-25·CVSS 9.8
---
# Exploit Title: GetGo Download Manager 6.2.1.3200 - Buffer Overflow (Denial of Service)
# Date: 2018-07-25
# Exploit Author: Nathu Nandwani
# Website: http://nandtech.co
# CVE: CVE-2017-17849
# Tested On: Windows 7 x86, Windows 10 x64
#
# Details
#
# The downloader feature of GetGo Download Manager is vulnerable
# to a buffer overflow which can cause a denial of service.
# To test the proof of concept, have it executed in your machine
# and let the GetGo application download 'index.html' from your
# given IP.
#
# SEH details (Windows 7 x86):
#
# SEH chain of thread 00000644, item 1
# Address=0863E2C8
# SE handler=68463967 4108 offset
#
# SEH chain of thread 00000644, item 2
# Address=46386746 4104 offset
# SE handler=*** CO
Exploit-DB
GetGo Download Manager 5.3.0.2712 - Buffer Overflow
exploitdb·2017-12-26·CVSS 9.8
---
# Exploit Title: Buffer overflow vulnerability in GetGo Download Manager 5.3.0.2712
# CVE: CVE-2017-17849
# Date: 22-12-2017
# Tested on Windows 10 32 bits
# Exploit Author: Aloyce J. Makalanga
# Contact: https://twitter.com/aloycemjr
# Software Link: http://www.getgosoft.com/getgodm/
# Category: webapps
# Attack Type: Remote
# Impact: Code Execution
1. Description
A buffer overflow vulnerability in GetGo Download Manager 5.3.0.2712 and earlier could allow remote HTTP servers to execute arbitrary code on NAS devices via a long response. To exploit this vulnerability, an attacker needs to issue a maliciously crafted payload in the HTTP Response Header. A successful attack could result in code execution on the victim computer.
2. P
No writeups or analysis indexed.
- https://packetstormsecurity.com/files/145530/GetGo-Download-Manager-5.3.0.2712-Buffer-Overflow.html
- https://www.exploit-db.com/exploits/43391/
- https://www.exploit-db.com/exploits/45087/

Published: 2017-12-27