{"vulnerability": "cve-2017-12617", "sightings": [{"uuid": "947b3f93-6796-43c2-9287-4cdd927225c9", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2017-12617", "type": "seen", "source": "MISP/9a9801da-049b-4458-ab1c-7a892d5feb76", "content": "", "creation_timestamp": "2020-10-09T15:24:13.000000Z"}, {"uuid": "19d7d6d3-cac5-46c2-ab1e-8017c5c05d2c", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2017-12617", "type": "seen", "source": "MISP/3c19819c-1dac-4ef2-bfed-be5efa7e0123", "content": "", "creation_timestamp": "2023-06-14T21:10:03.000000Z"}, {"uuid": "cb0d92b2-5ed8-48a0-b8d9-0f6af8346d61", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2017-12617", "type": "exploited", "source": "https://www.exploit-db.com/exploits/42966", "content": "", "creation_timestamp": "2017-10-09T00:00:00.000000Z"}, {"uuid": "409c1aef-a28f-4106-b7d5-316af86df245", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2017-12617", "type": "exploited", "source": "https://www.exploit-db.com/exploits/43008", "content": "", "creation_timestamp": "2017-10-17T00:00:00.000000Z"}, {"uuid": "05843c33-3801-460b-ad51-169b524f5a9c", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2017-12617", "type": "seen", "source": "https://feedsin.space/feed/CISAKevBot/items/2971419", "content": "", "creation_timestamp": "2024-12-24T20:29:03.273805Z"}, {"uuid": "b0db57dc-1091-4d04-8d66-4dfffc5f5429", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2017-12617", "type": "seen", "source": "MISP/a1e796df-2ad8-4c8d-8b69-737a004e72dd", "content": "", "creation_timestamp": "2025-02-06T03:13:43.000000Z"}, {"uuid": "72549cbb-3411-4331-99a3-c2426cae089a", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2017-12617", "type": "seen", "source": "MISP/a1e796df-2ad8-4c8d-8b69-737a004e72dd", "content": "", "creation_timestamp": "2025-02-23T04:09:53.000000Z"}, {"uuid": "4d40c7a9-cb07-4555-8774-fc5932924000", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2017-12617", "type": "seen", "source": "MISP/ab0b745f-bbd5-338e-8b92-97dd0c757e9d", "content": "", "creation_timestamp": "2025-08-31T03:01:06.000000Z"}, {"uuid": "42409d96-0c94-4402-b1cf-ee88b45b63ba", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2017-12617", "type": "seen", "source": "MISP/3c19819c-1dac-4ef2-bfed-be5efa7e0123", "content": "", "creation_timestamp": "2025-02-23T02:10:15.000000Z"}, {"uuid": "92577a96-9865-4774-928a-b1280817f01a", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2017-12617", "type": "seen", "source": "https://bsky.app/profile/hrbrmstr.mastodon.social.ap.brid.gy/post/3meaxbnbibwr2", "content": "", "creation_timestamp": "2026-02-07T08:01:47.483257Z"}, {"uuid": "22efc2ef-4ef7-447e-9065-2aec680f0a08", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2017-12617", "type": "seen", "source": "https://github.com/rapid7/metasploit-framework/blob/master/modules/exploits/multi/http/tomcat_jsp_upload_bypass.rb", "content": "", "creation_timestamp": "2018-05-29T15:50:33.000000Z"}, {"uuid": "815239f6-1ffd-48c0-a473-ee122e4f480a", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "af0120d0-3dac-4a6a-974b-a9f33d2a9846", "vulnerability": "CVE-2017-12617", "type": "exploited", "source": "https://vulnerability.circl.lu/known-exploited-vulnerabilities-catalog/237de4c3-2f15-4414-af25-7ea9c72c6e04", "content": "", "creation_timestamp": "2026-02-02T12:28:03.371040Z"}, {"uuid": "b7f4cc94-5c32-41a2-a9be-21b00103acf9", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2017-12617", "type": "published-proof-of-concept", "source": "https://github.com/google/tsunami-security-scanner-plugins/tree/master/community/detectors/rce/apache_tomcat_cve_2017_12617", "content": "", "creation_timestamp": "2024-12-10T10:34:13.000000Z"}, {"uuid": "e23b4b6e-be53-4c75-aecb-46e437317453", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2017-12617", "type": "seen", "source": "https://t.me/poxek/2400", "content": "#CVE\n\nApache Tomcat RCE\nCVE-2017-12617\n\naffect systems with HTTP PUTs enabled (via setting the \"read-only\" initialization parameter of the Default servlet to \"false\") are affected.", "creation_timestamp": "2022-08-29T19:00:04.000000Z"}, {"uuid": "3e5cdc94-b39b-4897-921e-0368e8d431b8", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2017-12617", "type": "seen", "source": "Telegram/I3J5qCH_JKCFSOMGFBcX6SqAo4S1Q6VOiRpHJLugpWkBKm3P", "content": "", "creation_timestamp": "2025-02-06T02:42:29.000000Z"}, {"uuid": "e22de30b-274b-4729-ad53-f3c35622dc4d", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2017-12617", "type": "seen", "source": "https://t.me/arpsyndicate/1300", "content": "#ExploitObserverAlert\n\nCVE-2017-12617\n\nDESCRIPTION: Exploit Observer has 132 entries related to CVE-2017-12617. When running Apache Tomcat versions 9.0.0.M1 to 9.0.0, 8.5.0 to 8.5.22, 8.0.0.RC1 to 8.0.46 and 7.0.0 to 7.0.81 with HTTP PUTs enabled (e.g. via setting the readonly initialisation parameter of the Default servlet to false) it was possible to upload a JSP file to the server via a specially crafted request. This JSP could then be requested and any code it contained would be executed by the server.\n\nFIRST-EPSS: 0.974700000\nNVD-IS: 5.9\nNVD-ES: 2.2", "creation_timestamp": "2023-12-04T20:41:30.000000Z"}, {"uuid": "a3faf5fd-7921-46f1-800c-84703d28fc0a", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2017-12617", "type": "seen", "source": "https://t.me/arpsyndicate/1505", "content": "#ExploitObserverAlert\n\nCVE-2017-12617\n\nDESCRIPTION: Exploit Observer has 132 entries related to CVE-2017-12617. When running Apache Tomcat versions 9.0.0.M1 to 9.0.0, 8.5.0 to 8.5.22, 8.0.0.RC1 to 8.0.46 and 7.0.0 to 7.0.81 with HTTP PUTs enabled (e.g. via setting the readonly initialisation parameter of the Default servlet to false) it was possible to upload a JSP file to the server via a specially crafted request. This JSP could then be requested and any code it contained would be executed by the server.\n\nFIRST-EPSS: 0.974700000\nNVD-IS: 5.9\nNVD-ES: 2.2", "creation_timestamp": "2023-12-06T15:43:10.000000Z"}, {"uuid": "64121206-5ed6-4368-8593-d66ca67ec2fb", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2017-12617", "type": "published-proof-of-concept", "source": "Telegram/sQWWAbPQln1mhAoxoxZK8KQRUx1HB63SmzdtVeH38VLUnWo", "content": "", "creation_timestamp": "2025-04-29T23:00:05.000000Z"}, {"uuid": "052d039a-a903-4088-9f57-58df299731e1", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2017-12617", "type": "seen", "source": "https://t.me/information_security_channel/9627", "content": "Immediately Patch New Discovered Apache Tomcat RCE Flaw (CVE-2017-12617) that Allows Attackers to Hack Your Servers\u2026 https://t.co/M9uLSpBJcV", "creation_timestamp": "2017-10-05T13:18:32.000000Z"}, {"uuid": "ba666e93-6c72-45e7-b937-2f9bd54b5838", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2017-12617", "type": "seen", "source": "https://t.me/information_security_channel/9655", "content": "RT @TheHackersNews: Immediately Patch New Discovered Apache Tomcat RCE Flaw (CVE-2017-12617) that Allows Attackers to Hack Your Servers\u2026", "creation_timestamp": "2017-10-05T21:40:16.000000Z"}, {"uuid": "e74bd453-eae6-40ca-9b9f-43c616671c8c", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2017-12617", "type": "published-proof-of-concept", "source": "https://t.me/information_security_channel/9818", "content": "Exploit for Apache Tomcat < 9.0.1 (Beta) / < 8.5.23 / < 8.0.47 / < 7.0.8 - JSP Upload Bypass / RCE (CVE-2017-12617) https://t.co/hYebroyVOT", "creation_timestamp": "2017-10-10T22:17:37.000000Z"}, {"uuid": "02f456d0-c4e5-4745-871a-bef18746643e", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2017-12617", "type": "published-proof-of-concept", "source": "https://t.me/canyoupwnme/2409", "content": "CVE-2017-12617\nApache Tomcat < 9.0.1 (Beta) / < 8.5.23 / < 8.0.47 / < 7.0.8 - JSP Upload Bypass / Remote Code Execution\nhttps://github.com/cyberheartmi9/CVE-2017-12617", "creation_timestamp": "2017-10-09T22:18:05.000000Z"}, {"uuid": "0b8119c7-d889-406e-9b9b-64b5ff97b169", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2017-12617", "type": "published-proof-of-concept", "source": "https://t.me/thebugbountyhunter/293", "content": "ZeroDaily | 2017-10-10 | Breach blame game, Cyber victims clueless, and POC for CVE-2017-12617 \nhttps://www.hackerone.com/zerodaily/2017-10-10", "creation_timestamp": "2017-10-11T10:19:15.000000Z"}]}