VulniosVulnios
All Threat Alerts
criticalCVE Alert
CVE-2017-8817

Critical Vulnerability: CVE-2017-8817 — haxx, debian — curl, libcurl

The FTP wildcard function in curl and libcurl before 7.57.0 allows remote attackers to cause a denial of service (out-of-bounds read and application crash) or possibly have unspecified other impact via a string that ends with an '[' character.

Wednesday, April 15, 2026haxx, debianVulnios Threat Intelligence
Share:

Executive Summary

The FTP wildcard function in curl and libcurl before 7.57.0 allows remote attackers to cause a denial of service (out-of-bounds read and application crash) or possibly have unspecified other impact via a string that ends with an '[' character.

Why It Matters

CVE-2017-8817 is rated CRITICAL severity, requiring immediate attention from security teams.

CVSS Base Score: 9.8/10

EPSS (Exploit Prediction): 0.9% probability of exploitation in the next 30 days.

Affected Technologies

Vendors: haxx, debian

Products: curl, libcurl, debian_linux

🛡️What Defenders Should Check

  • Check if you are affected — Review your asset inventory for products listed in CVE-2017-8817.
  • Apply available patches — Visit vendor advisories for the latest security updates.
  • Monitor for exploitation — Check your SIEM/IDS logs for related indicators.

    • Use Vulnios to continuously monitor your exposure to CVE-2017-8817 and similar vulnerabilities.

    References & Sources

  • http://security.cucumberlinux.com/security/details.php?id=162
  • http://www.securityfocus.com/bid/102057
  • http://www.securitytracker.com/id/1039897
  • https://access.redhat.com/errata/RHSA-2018:3558
  • https://curl.haxx.se/docs/adv_2017-ae72.html
  • https://lists.debian.org/debian-lts-announce/2017/11/msg00040.html
  • https://security.gentoo.org/glsa/201712-04
  • https://www.debian.org/security/2017/dsa-4051
  • http://security.cucumberlinux.com/security/details.php?id=162
  • http://www.securityfocus.com/bid/102057

    • AI Security Advisor

    Powered by Gemini

    Get AI-powered security recommendations tailored to this specific threat — including risk assessment, detection guidance, MITRE ATT&CK mapping, and actionable remediation steps.

    Affected Products

    curllibcurldebian_linux

    Sources

    criticaldos

    Protect Your Organization

    Monitor CVEs, scan for vulnerabilities, and get real-time threat alerts — all in one platform.

    Get Started FreeFree Security ScanOSINT Dashboard

    Get instant alerts on Telegram

    Join our public channel for real-time critical CVE alerts.

    Follow @vulnios