High severity8.8NVD Advisory· Published Jun 21, 2017· Updated May 13, 2026
CVE-2017-9774
CVE-2017-9774
Description
Remote Code Execution was found in Horde_Image 2.x before 2.5.0 via a crafted GET request. Exploitation requires authentication.
Affected products
24cpe:2.3:a:horde:horde_image_api:2.0.0:*:*:*:*:*:*:*+ 23 more
- cpe:2.3:a:horde:horde_image_api:2.0.0:*:*:*:*:*:*:*
- cpe:2.3:a:horde:horde_image_api:2.0.0:alpha1:*:*:*:*:*:*
- cpe:2.3:a:horde:horde_image_api:2.0.0:beta1:*:*:*:*:*:*
- cpe:2.3:a:horde:horde_image_api:2.0.0:beta2:*:*:*:*:*:*
- cpe:2.3:a:horde:horde_image_api:2.0.1:*:*:*:*:*:*:*
- cpe:2.3:a:horde:horde_image_api:2.0.2:*:*:*:*:*:*:*
- cpe:2.3:a:horde:horde_image_api:2.0.3:*:*:*:*:*:*:*
- cpe:2.3:a:horde:horde_image_api:2.0.4:*:*:*:*:*:*:*
- cpe:2.3:a:horde:horde_image_api:2.0.5:*:*:*:*:*:*:*
- cpe:2.3:a:horde:horde_image_api:2.0.6:*:*:*:*:*:*:*
- cpe:2.3:a:horde:horde_image_api:2.0.7:*:*:*:*:*:*:*
- cpe:2.3:a:horde:horde_image_api:2.0.8:*:*:*:*:*:*:*
- cpe:2.3:a:horde:horde_image_api:2.0.9:*:*:*:*:*:*:*
- cpe:2.3:a:horde:horde_image_api:2.1.0:*:*:*:*:*:*:*
- cpe:2.3:a:horde:horde_image_api:2.2.0:*:*:*:*:*:*:*
- cpe:2.3:a:horde:horde_image_api:2.3.0:*:*:*:*:*:*:*
- cpe:2.3:a:horde:horde_image_api:2.3.1:*:*:*:*:*:*:*
- cpe:2.3:a:horde:horde_image_api:2.3.2:*:*:*:*:*:*:*
- cpe:2.3:a:horde:horde_image_api:2.3.3:*:*:*:*:*:*:*
- cpe:2.3:a:horde:horde_image_api:2.3.4:*:*:*:*:*:*:*
- cpe:2.3:a:horde:horde_image_api:2.3.5:*:*:*:*:*:*:*
- cpe:2.3:a:horde:horde_image_api:2.3.6:*:*:*:*:*:*:*
- cpe:2.3:a:horde:horde_image_api:2.4.0:*:*:*:*:*:*:*
- cpe:2.3:a:horde:horde_image_api:2.4.1:*:*:*:*:*:*:*
Patches
0No patches discovered yet.
Vulnerability mechanics
AI mechanics synthesis has not run for this CVE yet.
References
2- lists.horde.org/archives/announce/2017/001234.htmlnvdMailing ListVendor Advisory
- www.debian.org/security/2018/dsa-4276nvd
News mentions
0No linked articles in our index yet.