CVEs-PoC/2017/CVE-2017-7442.md

CVE-2017-7442

Description

Nitro Pro 11.0.3.173 allows remote attackers to execute arbitrary code via saveAs and launchURL calls with directory traversal sequences.

POC

Reference

• http://srcincite.io/advisories/src-2017-0005/
• http://srcincite.io/advisories/src-2017-0005/
• https://www.exploit-db.com/exploits/42418/
• https://www.exploit-db.com/exploits/42418/

Github

• https://github.com/ARPSyndicate/cvemon
• https://github.com/lnick2023/nicenice
• https://github.com/qazbnm456/awesome-cve-poc
• https://github.com/xbl3/awesome-cve-poc_qazbnm456