Vulnerability detail
Enriched intelligence for a single CVE
Critical
CVE-2017-7494
PUBLISHEDSamba since version 3.5.0 and before 4.6.4, 4.5.10 and 4.4.14 is vulnerable to remote code execution vulnerability, allowing a malicious client to...
- Vendor
- Samba
- Product
- samba
- Published
- May 30, 2017
- EPSS
- —
Description
Samba since version 3.5.0 and before 4.6.4, 4.5.10 and 4.4.14 is vulnerable to remote code execution vulnerability, allowing a malicious client to upload a shared library to a writable share, and then cause the server to load and execute it.
CVSS scores
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
AV:N/AC:L/Au:N/C:C/I:C/A:C
SSVC decision points
- Exploitation
- active
- Automatable
- Yes
- Technical impact
- total
References
- http://www.securityfocus.com/bid/98636
- http://www.debian.org/security/2017/dsa-3860
- https://www.exploit-db.com/exploits/42084/
- https://access.redhat.com/errata/RHSA-2017:1270
- https://www.samba.org/samba/security/CVE-2017-7494.html
- https://download.schneider-electric.com/files?p_enDocType=Technical+leaflet&p_File_Name=SEVD-2018-095-01+Security+Notification+Umotion+V1.1.pdf&p_Doc_Ref=SEVD-2018-095-01
- https://access.redhat.com/errata/RHSA-2017:1390
- http://www.securitytracker.com/id/1038552
- https://access.redhat.com/errata/RHSA-2017:1273
- https://access.redhat.com/errata/RHSA-2017:1271
- https://security.gentoo.org/glsa/201805-07
- https://h20566.www2.hpe.com/hpsc/doc/public/display?docLocale=en_US&docId=emr_na-hpesbux03759en_us
- https://access.redhat.com/errata/RHSA-2017:1272
- https://security.netapp.com/advisory/ntap-20170524-0001/
- https://h20566.www2.hpe.com/hpsc/doc/public/display?docLocale=en_US&docId=emr_na-hpesbns03755en_us
- https://www.exploit-db.com/exploits/42060/
Known exploited vulnerability sources
Catalogues that list this CVE as a known exploited vulnerability.
| Source | Added |
|---|---|
| CISA | Mar 30, 2023 |
Scanner integrations
| Scanner | Reference | Detected |
|---|---|---|
| Metasploit | https://github.com/rapid7/metasploit-framework/blob/master/modules/exploits/linux/samba/is_known_pipename.rb | Apr 28, 2025 |
Potential proof of concepts
These PoCs are unverified and could contain malware. Use at your own risk.
github · Created 2022-11-01 23:17:25 UTC · 5 stars
SambaCry (CVE-2017-7494) exploit for Samba | bind shell without Metasploit
github · Created 2022-05-29 16:27:13 UTC · 1 stars
SambaCry exploit (CVE-2017-7494)
github · Created 2021-09-29 20:31:20 UTC · 0 stars
According to researchers with Rapid7, over 110,000 devices appear on internet, which run stable Samba versions, while 92,500 seem to run unstable Samba versions, for which there is no fix. The newest Samba models, including the models 4.6.x before 4.6.4, 4.5.x before 4.5.10 and 3.5.0 before 4.4.13, was impacted by this error. May 24, 2017, Samba released version 4.6.4, which fixes a serious remote code execution vulnerability, vulnerability number CVE-2017-7494, which affected Samba 3.5.0 onwards. Vulnerability number: CVE-2017-7494 Severity Rating: High Affected software: • Samba Version < 4.6.4 • Samba Version < 4.5.10 • Samba Version < 4.4.14 Unaffected software: • Samba Version = 4.6.4 • Samba Version = 4.5.10 • Samba Version = 4.4.14
github · Created 2021-05-09 02:32:54 UTC · 4 stars
CVE-2017-7494 python exploit
github · Created 2020-05-10 21:17:55 UTC · 0 stars
A remote code execution flaw was found in Samba. A malicious authenticated samba client, having write access to the samba share, could use this flaw to execute arbitrary code as root.
github · Created 2017-06-05 16:25:57 UTC · 257 stars
Remote root exploit for the SAMBA CVE-2017-7494 vulnerability
github · Created 2017-05-26 00:58:25 UTC · 381 stars
SambaCry exploit and vulnerable container (CVE-2017-7494)
github · Created 2017-05-25 14:13:10 UTC · 0 stars
Timeline
-
CVE ID Reserved
-
CVE Published to Public
-
Exploit Used in Malware
-
Added to KEVIntel
-
Detected by Metasploit