CVE-2017-6869
published 2017-08-08

Priority: P265 · critical · CVSS 3.0: 9.8
Vector: AV:N / AC:L / PR:N / UI:N / S:U / C:H / I:H / A:H
EPSS: 2.98% (85.6th percentile)

A vulnerability was discovered in Siemens ViewPort for Web Office Portal before revision number 1453 that could allow an unauthenticated remote user to upload arbitrary code and execute it with the permissions of the operating-system user running the web server by sending specially crafted network packets to port 443/TCP or port 80/TCP.

Detection & IOCs (extracted from sources)

port 443/TCP
port 80/TCP
  • Monitor for unauthenticated file upload attempts to Siemens ViewPort for Web Office Portal on ports 443/TCP and 80/TCP; successful exploitation results in arbitrary code execution under the web server OS user context.
  • Alert on inbound network traffic to ViewPort for Web Office Portal (pre-revision 1453) on ports 443/TCP and 80/TCP that does not present valid authentication credentials, particularly requests carrying file upload payloads.
  • No known public exploits specifically target this vulnerability at time of advisory publication; detections should focus on anomalous upload behaviour rather than known exploit signatures.
  • Only ViewPort for Web Office Portal versions prior to revision number 1453 are affected; patched installations (revision 1453+) are not vulnerable.

CVSS provenance

nvd | v3.0 | 9.8 | CRITICAL | CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
nvd | v2.0 | 10.0 | CRITICAL | AV:N/AC:L/Au:N/C:C/I:C/A:C