High severity8.8NVD Advisory· Published Jan 4, 2018· Updated Jun 17, 2026
CVE-2017-17867
CVE-2017-17867
Description
Inteno iopsys 2.0-3.14 and 4.0 devices allow remote authenticated users to execute arbitrary OS commands by modifying the leasetrigger field in the odhcpd configuration to specify an arbitrary program, as demonstrated by a program located on an SMB share. This issue existed because the /etc/uci-defaults directory was not being used to secure the OpenWrt configuration.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected products
1Patches
Vulnerability mechanics
References
3- neonsea.uk/blog/2017/12/23/rce-inteno-iopsys.htmlnvdExploitTechnical DescriptionThird Party Advisory
- www.exploit-db.com/exploits/43428/nvdExploitThird Party AdvisoryVDB Entry
- public.inteno.senvd
News mentions
0No linked articles in our index yet.