CVE-2017-15877

9.8 CRITICAL

📋 TL;DR

CVE-2017-15877 is an insecure permissions vulnerability in GPWeb 8.4.61 that allows remote attackers to directly access the db.php file containing database credentials. This affects all GPWeb 8.4.61 installations with default configurations, exposing sensitive authentication information.

💻 Affected Systems

Products:
  • GPWeb
Versions: 8.4.61
Operating Systems: All platforms running GPWeb
Default Config Vulnerable: ⚠️ Yes
Notes: The vulnerability exists in the default installation of GPWeb 8.4.61 where the db.php file is accessible without proper access controls.

⚠️ Risk & Real-World Impact

🔴 Worst Case

Attackers obtain database credentials, leading to complete database compromise, data theft, privilege escalation, and potential lateral movement within the network.

🟠 Likely Case

Attackers gain unauthorized access to the database, potentially extracting sensitive user data, modifying records, or using credentials for further attacks.

🟢 If Mitigated

With proper access controls and network segmentation, impact is limited to credential exposure requiring credential rotation and monitoring.

🌐 Internet-Facing: HIGH - The vulnerability allows unauthenticated remote access to sensitive files without requiring any authentication.
🏢 Internal Only: HIGH - Even internally, any user with network access can exploit this vulnerability to gain database credentials.

🎯 Exploit Status

Public PoC: ⚠️ Yes
Weaponized: LIKELY
Unauthenticated Exploit: ⚠️ Yes
Complexity: LOW

Exploitation requires only direct HTTP access to the vulnerable db.php file path.

🛠️ Fix & Mitigation

✅ Official Fix

Patch Version: 8.4.62 or later

Vendor Advisory: https://www.gpweb.com.br/

Restart Required: No

Instructions:

1. Upgrade GPWeb to version 8.4.62 or later.
2. Verify the db.php file permissions are properly restricted.
3. Rotate all database credentials exposed by the vulnerability.

🔧 Temporary Workarounds

Restrict db.php file access

Platform: linux

Set file permissions so that only root and the account the web server runs as can read db.php. File permissions only protect against other local users: as long as the web server process can read the file it will still serve it to remote clients, so combine this with the web server rule below.

# www-data is an assumption: use the group of the account your web server runs as.
# Root-only ownership with mode 600 would stop the application itself from reading its configuration.
chown root:www-data /path/to/gpweb/db.php
chmod 640 /path/to/gpweb/db.php

Web server access control

Platform: all

Configure the web server to deny direct HTTP access to db.php (Apache example; other web servers need an equivalent rule)

<Files "db.php">
  # Apache 2.2 directives (on Apache 2.4 these need mod_access_compat)
  Order allow,deny
  Deny from all
  # Apache 2.4 equivalent: Require all denied
</Files>

🧯 If You Can't Patch

  • Move db.php file outside web root directory
  • Implement network-level access controls to restrict access to GPWeb administration interfaces

🔍 How to Verify

Check if Vulnerable:

Attempt to access http://[gpweb-host]/db.php via web browser or curl. If the file returns database credentials, the system is vulnerable.

Check Version:

Check GPWeb version in administration panel or configuration files

Verify Fix Applied:

Attempt to access the db.php file after applying fixes - should return 403 Forbidden or similar error.

📡 Detection & Monitoring

Log Indicators:

  • HTTP 200 responses to db.php access
  • Unusual database connection attempts from web server IP

Network Indicators:

  • HTTP GET requests to /db.php from external IPs
  • Sudden database traffic spikes

SIEM Query:

source="web_access.log" AND uri="/db.php" AND status=200
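As an added illustration of the log indicator and SIEM query above (example code, not from the page or the GPWeb project), a small Python scanner that flags served db.php requests in constructed Apache combined-format log lines. It goes slightly beyond the query by matching db.php at any path depth, ignoring query strings, and counting any 2xx or 304 response as an exposure.

```python
import re
from typing import Iterable, Optional

# Matches the Apache/nginx "combined" access-log format (pattern written for this example).
LOG_RE = re.compile(
    r'^(?P<ip>\S+) \S+ \S+ \[(?P<ts>[^\]]+)\] '
    r'"(?P<method>[A-Z]+) (?P<target>\S+) [^"]*" (?P<status>\d{3}) (?P<size>\S+)'
)

def is_db_php_exposure(line: str) -> Optional[dict]:
    """Return a finding if the line records db.php being served, else None.

    Generalises the page's query: any directory depth, query strings and
    fragments stripped, any 2xx status, plus 304 (a 304 means the client
    already holds a copy that was served with 200 earlier).
    """
    m = LOG_RE.match(line)
    if not m:
        return None                      # malformed or non-matching line
    path = m.group("target").split("?", 1)[0].split("#", 1)[0]
    if path.rsplit("/", 1)[-1].lower() != "db.php":
        return None                      # e.g. /index.php or /db.php.bak
    status = int(m.group("status"))
    if not (200 <= status < 300 or status == 304):
        return None                      # 403/404: the mitigation is working
    return {"ip": m.group("ip"), "time": m.group("ts"), "method": m.group("method"),
            "path": path, "status": status, "bytes": m.group("size")}

def scan(lines: Iterable[str]) -> list:
    """Run the check over a log and return all exposure findings in order."""
    return [f for f in (is_db_php_exposure(l) for l in lines) if f is not None]

# Constructed sample log lines (not real traffic); documentation IP ranges only.
SAMPLE_LOG = [
    '198.51.100.7 - - [10/Oct/2017:13:55:36 +0000] "GET /db.php HTTP/1.1" 200 512 "-" "curl/7.55.0"',
    '198.51.100.7 - - [10/Oct/2017:13:55:40 +0000] "GET /gpweb/db.php?a=1 HTTP/1.1" 200 512 "-" "curl/7.55.0"',
    '203.0.113.9 - - [11/Oct/2017:09:01:02 +0000] "GET /db.php HTTP/1.1" 403 199 "-" "Mozilla/5.0"',
    '10.0.0.5 - - [11/Oct/2017:09:02:00 +0000] "GET /index.php HTTP/1.1" 200 4096 "-" "Mozilla/5.0"',
    '10.0.0.5 - - [11/Oct/2017:09:02:10 +0000] "GET /db.php.bak HTTP/1.1" 404 196 "-" "Mozilla/5.0"',
]

if __name__ == "__main__":
    for finding in scan(SAMPLE_LOG):
        print(f"db.php served: {finding['ip']} {finding['time']} {finding['path']} -> {finding['status']}")
```

On the sample above only the two 200 responses from 198.51.100.7 are reported; the 403 after the web server rule is applied is correctly ignored.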
