Critical severity9.9NVD Advisory· Published Oct 10, 2017· Updated Jun 17, 2026
CVE-2017-13706
CVE-2017-13706
Description
XML external entity (XXE) vulnerability in the import package functionality of the deployment module in Lansweeper before 6.0.100.67 allows remote authenticated users to obtain sensitive information, cause a denial of service, conduct server-side request forgery (SSRF) attacks, conduct internal port scans, or have unspecified other impact via an XML request, aka bug #572705.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected products
2cpe:2.3:a:lansweeper:lansweeper:*:*:*:*:*:*:*:*+ 1 more
- cpe:2.3:a:lansweeper:lansweeper:*:*:*:*:*:*:*:*range: <=6.0.100.29
- (no CPE)range: <6.0.100.67
Patches
Vulnerability mechanics
References
3- packetstormsecurity.com/files/144527/Lansweeper-6.0.100.29-XXE-Injection.htmlnvdThird Party AdvisoryVDB Entry
- seclists.org/fulldisclosure/2017/Oct/14nvdMailing ListThird Party Advisory
- www.lansweeper.com/changelog.aspxnvdRelease NotesVendor Advisory
News mentions
0No linked articles in our index yet.