VDB
CVE-2017-9947
CVE-2017-9947
PUBLISHED
EPSS 8.85% · 92.7th percentile
Risk Scores
EPSS Score
8.85%
92.7th percentile
Exploit Intelligence
- https://packetstorm.news/files/id/169544 (cve.org)
- APOLOGEE is a Python script and Metasploit module that enumerates a hidden directory on Siemens APOGEE PXC BACnet Automation Controllers (all versions prior to V3.5) and TALON TC BACnet Automation Controllers (all versions prior to V3.5). With a 7.5 CVSS, this exploit allows for an attacker to perform an authentication bypass using an alternate path or channel to access hidden directories in the web server. This repository takes advantage of CVE-2017-9947. (github-poc-repo)
- APOLOGEE is a Python script and Metasploit module that enumerates a hidden directory on Siemens APOGEE PXC BACnet Automation Controllers (all versions prior to V3.5) and TALON TC BACnet Automation Controllers (all versions prior to V3.5). With a 7.5 CVSS, this exploit allows for an attacker to perform an authentication bypass using an alternate path or channel to access hidden directories in the web server. This repository takes advantage of CVE-2017-9947. (github-poc-repo)
- APOLOGEE is a Python script and Metasploit module that enumerates a hidden directory on Siemens APOGEE PXC BACnet Automation Controllers (all versions prior to V3.5) and TALON TC BACnet Automation Controllers (all versions prior to V3.5). With a 7.5 CVSS, this exploit allows for an attacker to perform an authentication bypass using an alternate path or channel to access hidden directories in the web server. This repository takes advantage of CVE-2017-9947. (github-poc-repo)
- APOLOGEE is a Python script and Metasploit module that enumerates a hidden directory on Siemens APOGEE PXC BACnet Automation Controllers (all versions prior to V3.5) and TALON TC BACnet Automation Controllers (all versions prior to V3.5). With a 7.5 CVSS, this exploit allows for an attacker to perform an authentication bypass using an alternate path or channel to access hidden directories in the web server. This repository takes advantage of CVE-2017-9947. (github-poc-repo)
- APOLOGEE is a Python script and Metasploit module that enumerates a hidden directory on Siemens APOGEE PXC BACnet Automation Controllers (all versions prior to V3.5) and TALON TC BACnet Automation Controllers (all versions prior to V3.5). With a 7.5 CVSS, this exploit allows for an attacker to perform an authentication bypass using an alternate path or channel to access hidden directories in the web server. This repository takes advantage of CVE-2017-9947. (github-poc-repo)
- APOLOGEE is a Python script and Metasploit module that enumerates a hidden directory on Siemens APOGEE PXC BACnet Automation Controllers (all versions prior to V3.5) and TALON TC BACnet Automation Controllers (all versions prior to V3.5). With a 7.5 CVSS, this exploit allows for an attacker to perform an authentication bypass using an alternate path or channel to access hidden directories in the web server. This repository takes advantage of CVE-2017-9947. (github-poc-repo)
- APOLOGEE is a Python script and Metasploit module that enumerates a hidden directory on Siemens APOGEE PXC BACnet Automation Controllers (all versions prior to V3.5) and TALON TC BACnet Automation Controllers (all versions prior to V3.5). With a 7.5 CVSS, this exploit allows for an attacker to perform an authentication bypass using an alternate path or channel to access hidden directories in the web server. This repository takes advantage of CVE-2017-9947. (github-poc)
- APOLOGEE is a Python script and Metasploit module that enumerates a hidden directory on Siemens APOGEE PXC BACnet Automation Controllers (all versions prior to V3.5) and TALON TC BACnet Automation Controllers (all versions prior to V3.5). With a 7.5 CVSS, this exploit allows for an attacker to perform an authentication bypass using an alternate path or channel to access hidden directories in the web server. This repository takes advantage of CVE-2017-9947. (github-poc)
- APOLOGEE is a Python script and Metasploit module that enumerates a hidden directory on Siemens APOGEE PXC BACnet Automation Controllers (all versions prior to V3.5) and TALON TC BACnet Automation Controllers (all versions prior to V3.5). With a 7.5 CVSS, this exploit allows for an attacker to perform an authentication bypass using an alternate path or channel to access hidden directories in the web server. This repository takes advantage of CVE-2017-9947. (github-poc)
…and 5 more exploits
Timeline
- Oct 12, 2017 CVE Published
- Apr 14, 2021 EPSS Score
- Aug 24, 2021 EPSS Score
- Dec 27, 2021 EPSS Score
- Feb 28, 2022 EPSS Score
- Jul 3, 2022 EPSS Score
- Oct 28, 2022 PoC Published
- Nov 6, 2022 EPSS Score
- Jan 8, 2023 EPSS Score
- Mar 7, 2023 EPSS Score
- Mar 11, 2023 EPSS Score
- Jul 15, 2023 EPSS Score
References
- https://cert-portal.siemens.com/productcert/html/ssa-148078.html advisory
- https://cert-portal.siemens.com/productcert/html/ssa-220589.html advisory
- https://cert-portal.siemens.com/productcert/html/ssa-988345.html advisory
- https://cert-portal.siemens.com/productcert/html/ssa-484086.html advisory
- https://cert-portal.siemens.com/productcert/html/ssa-330556.html advisory
- https://cert-portal.siemens.com/productcert/html/ssa-145224.html advisory
- https://cert-portal.siemens.com/productcert/html/ssa-685781.html advisory
- https://cert-portal.siemens.com/productcert/html/ssa-693555.html advisory
- https://cert-portal.siemens.com/productcert/html/ssa-911567.html advisory
- https://cert-portal.siemens.com/productcert/html/ssa-401167.html advisory
- https://cert-portal.siemens.com/productcert/html/ssa-764417.html advisory
- https://cert-portal.siemens.com/productcert/html/ssa-712929.html advisory
- https://cert-portal.siemens.com/productcert/html/ssa-679335.html advisory
- https://cert-portal.siemens.com/productcert/html/ssa-388239.html advisory
- https://cert-portal.siemens.com/productcert/html/ssa-631336.html advisory
- https://cert-portal.siemens.com/productcert/html/ssa-740594.html advisory
- https://cert-portal.siemens.com/productcert/html/ssa-222547.html advisory