Detections
Analytics

CVE-2017-6513

critical

Description

The WHMCS Reseller Module V2 2.0.2 in Softaculous Virtualizor before 2.9.1.0 does not verify the user correctly, which allows remote authenticated users to control other virtual machines managed by Virtualizor by accessing a modified URL.

References

https://gist.github.com/sedrubal/a83fa22f1091025a5c1a14aabd711ad7

http://www.virtualizor.com/blog/?p=1551

Details

Source: Mitre, NVD

Published: 2017-03-11

Updated: 2025-04-20

Risk Information

CVSS v2

Base Score: 6.5

Vector: CVSS2#AV:N/AC:L/Au:S/C:P/I:P/A:P

Severity: Medium

CVSS v3

Base Score: 9.9

Vector: CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H

Severity: Critical

EPSS

EPSS: 0.00807