CVE-2017-7269
ENISA EUVD: EUVD-2017-16299 ↗
Exploited in the Wild
✓ Confirmed 0-Day
Triaged: March 20, 2026
3 articles
Published: 2017-03-27
EPSS Score
Source: FIRST.org · 2026-05-23
94.41%
probability
This CVE has a 94.41% probability
of being exploited in the next 30 days.
0%
Top 100.0th percentile of all CVEs
100%
CVSS v3.1
Source: VulnerabilityLookup (CIRCL)9.8
CRITICAL
Attack Vector
Network
Attack Complexity
Low
Privileges Required
None
User Interaction
None
Scope
Unchanged
Confidentiality
High
Integrity
High
Availability
High
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
CVSS v2 (legacy)
10.0
HIGH
Access Vector
Network
Access Complexity
Low
Authentication
None
Confidentiality
Complete
Integrity
Complete
Availability
Complete
AV:N/AC:L/Au:N/C:C/I:C/A:C
Description
VulnerabilityLookup (CNA)Buffer overflow in the ScStoragePathFromUrl function in the WebDAV service in Internet Information Services (IIS) 6.0 in Microsoft Windows Server 2003 R2 allows remote attackers to execute arbitrary code via a long header beginning with "If: <http://" in a PROPFIND request, as exploited in the wild in July or August 2016.
Affected Products
n/a
n/a
Attack Intelligence
Exploits & PoC
zcgonvh/cve-2017-7269
fixed msf module for cve-2017-7269
134
2017-03-30
g0rx/iis6-exploit-2017-CVE-2017-7269
iis6 exploit 2017 CVE-2017-7269
92
2023-02-04
lcatro/CVE-2017-7269-Echo-PoC
CVE-2017-7269 回显PoC ,用于远程漏洞检测..
89
2018-10-27
zcgonvh/cve-2017-7269-tool
CVE-2017-7269 to webshell or shellcode loader
88
2017-05-16
eliuha/webdav_exploit
An exploit for Microsoft IIS 6.0 CVE-2017-7269
22
2017-03-29
11
2018-04-28
slimpagey/IIS_6.0_WebDAV_Ruby
Ruby Exploit for IIS 6.0 Buffer Overflow (CVE-2017-7269)
5
2017-04-06
5
2021-07-16
geniuszly/CVE-2017-7269
is a PoC tool demonstrating an exploit for a known vulnerability in the WebDAV component of IIS6
4
2024-10-07
caicai1355/CVE-2017-7269-exploit
exec 8 bytes command
1
2017-03-29
Cappricio-Securities/CVE-2017-7269
Windows Server 2003 & IIS 6.0 - Remote Code Execution
1
2024-06-24
nika0x38/CVE-2017-7269
A Rust implementation of the POC for CVE-2017-7269, targeting the WebDAV service in Microsoft Internet Information Services (IIS) 6.0.
1
2025-10-09
M1a0rz/CVE-2017-7269
Poc for iis6.0
0
2017-03-30
0
2017-03-30
0
2017-04-13
xiaovpn/CVE-2017-7269
CVE-2017-7269
0
2017-04-24
mirrorblack/CVE-2017-7269
CVE-2017-7269利用代码(rb文件)
0
2018-01-24
0
2017-04-04
denchief1/CVE-2017-7269_Python3
CVE-2017-7269 implemented in python3
0
2022-08-28
denchief1/CVE-2017-7269
CVE-2017-7269 implemented in C#
0
2022-08-29
0
2024-09-05
0
2026-01-19
22 repos — triés par ⭐
Rechercher sur GitHub ↗
https://www.exploit-db.com/exploits/41992/
exploit
x_refsource_EXPLOIT-DB
http://www.securityfocus.com/bid/97127
vdb-entry
x_refsource_BID
https://github.com/rapid7/metasploit-framework/pull/8162
x_refsource_MISC
https://github.com/danigargu/explodingcan
x_refsource_MISC
http://www.securitytracker.com/id/1038168
vdb-entry
x_refsource_SECTRACK
Signal Intelligence
Confidence
75%
EPSS
94.41%
CVSS v3.1
9.8
Mentions
3
Last Seen
Jun 13, 2017
CNA Information
CNA Assigner
mitre
Analyst Note
CVE-2017-7269 is an IIS 6.0 vulnerability with explicit zero-day exploitation documented since July 2016 (before the 2017 CVE year suggests patching). Article [2] directly names it as 'Zero-Day Exploited in Live Attacks,' establishing active in-the-wild exploitation. The June 2017 Microsoft patch batch (Article [1]) aligns with vendor remediation timing.
Threat Actors 1
Turla Group
apt_group
Information theft and espionage
Russian Federation
Triage Info
Decided atMar 20, 2026
Published DateMar 27, 2017