CVE-2017-17849

9.8 CRITICAL

📋 TL;DR

A buffer overflow vulnerability in GetGo Download Manager allows remote HTTP servers to execute arbitrary code by sending overly long responses. This affects NAS devices running GetGo Download Manager version 5.3.0.2712 and earlier, potentially giving attackers full control over affected systems.

💻 Affected Systems

Products:
  • GetGo Download Manager
Versions: 5.3.0.2712 and earlier
Operating Systems: Windows
Default Config Vulnerable: ⚠️ Yes
Notes: Primarily affects NAS devices using GetGo Download Manager, but could impact any system running the vulnerable software.

⚠️ Risk & Real-World Impact

🔴 Worst Case: Remote code execution leading to complete system compromise, data theft, ransomware deployment, or use as a foothold for lateral movement.

🟠 Likely Case: Remote code execution allowing attackers to install malware, create backdoors, or disrupt services on vulnerable NAS devices.

🟢 If Mitigated: Limited impact if proper network segmentation and access controls prevent external exploitation attempts.

🌐 Internet-Facing: HIGH
🏢 Internal Only: MEDIUM

🎯 Exploit Status

Public PoC: ⚠️ Yes
Weaponized: CONFIRMED
Unauthenticated Exploit: ⚠️ Yes
Complexity: LOW

Multiple public exploits exist, making this easily weaponizable by attackers with basic skills.

🛠️ Fix & Mitigation

✅ Official Fix

Patch Version: 5.3.0.2713 or later

Vendor Advisory: https://packetstormsecurity.com/files/145530/GetGo-Download-Manager-5.3.0.2712-Buffer-Overflow.html

Restart Required: Yes

Instructions:

1. Download the latest version from the official GetGo website.
2. Uninstall the current version.
3. Install the updated version.
4. Restart the system.

🔧 Temporary Workarounds

Network Segmentation (all platforms)

Isolate NAS devices from untrusted networks and restrict HTTP traffic to trusted sources only.

Disable GetGo Download Manager (Windows)

Temporarily disable or uninstall GetGo Download Manager until patching is possible.

Control Panel > Programs > Uninstall a program > Select GetGo Download Manager > Uninstall

🧯 If You Can't Patch

  • Implement strict network access controls to prevent external HTTP connections to the vulnerable service.
  • Deploy intrusion detection/prevention systems to monitor for buffer overflow attempts and block malicious traffic.

🔍 How to Verify

Check if Vulnerable:

Check the GetGo Download Manager version in the program settings or in Control Panel. If the version is 5.3.0.2712 or earlier, the system is vulnerable.

Check Version:

wmic product where name="GetGo Download Manager" get version

Verify Fix Applied:

Verify installed version is 5.3.0.2713 or later. Test by attempting to trigger the overflow with controlled payloads in a safe environment.
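
An added example (not from the vendor or the original advisory): a PowerShell check that reads the uninstall registry entries rather than `wmic product`, which only lists Windows Installer packages, and compares each installed version against 5.3.0.2713. The `GetGo Download Manager*` display-name pattern and the function name `Get-GetGoPatchStatus` are assumptions.

```powershell
# Added example, not vendor code. Compares installed GetGo builds with the
# first fixed version named on this page.
$FixedVersion = [version]'5.3.0.2713'
# Assumption: the installer registers a DisplayName beginning with this text.
$NamePattern = 'GetGo Download Manager*'

# Per-machine (64- and 32-bit views) and per-user uninstall entries.
$UninstallKeys = @(
    'HKLM:\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\*',
    'HKLM:\SOFTWARE\WOW6432Node\Microsoft\Windows\CurrentVersion\Uninstall\*',
    'HKCU:\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\*'
)

function Get-GetGoPatchStatus {
    $entries = Get-ItemProperty -Path $UninstallKeys -ErrorAction SilentlyContinue |
        Where-Object { $_.DisplayName -like $NamePattern }

    foreach ($entry in $entries) {
        $parsed = $null
        $raw = [string]$entry.DisplayVersion
        if ([version]::TryParse($raw, [ref]$parsed)) {
            $status = if ($parsed -lt $FixedVersion) { 'VULNERABLE' } else { 'PATCHED' }
        } else {
            # Missing or non-numeric version string: needs a manual check.
            $status = 'UNKNOWN'
        }
        [pscustomobject]@{
            Computer = $env:COMPUTERNAME
            Name     = $entry.DisplayName
            Version  = $raw
            Status   = $status
            Key      = $entry.PSPath
        }
    }
}

$results = @(Get-GetGoPatchStatus)
if ($results.Count -eq 0) {
    Write-Output 'No GetGo Download Manager uninstall entry found.'
} else {
    $results | Format-Table -AutoSize
}
```

An empty result does not prove the software is absent: a copy that never registered an uninstall entry will not appear, so confirm against the program's own settings dialog as described above.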

📡 Detection & Monitoring

Log Indicators:

  • Unusually large HTTP responses received by GetGo Download Manager
  • Process crashes or unexpected behavior in GetGo Download Manager service

Network Indicators:

  • HTTP traffic with abnormally large response sizes directed at NAS devices
  • Exploit patterns matching known buffer overflow payloads

SIEM Query:

source="*GetGo*" AND (event_type="crash" OR response_size>1000000)
