PT-2017-17560 · Deluge+2

Jonatan Nyberg · Published 2017-03-18 · Updated 2020-07-08 · CVE-2017-7178

CVSS v3.1: 8.8 High

Vector: AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

Name of the Vulnerable Software and Affected Versions

Deluge versions prior to 1.3.14

Description

A CSRF issue was found in the web UI of Deluge. The exploitation involves hosting a crafted plugin that executes an arbitrary program from its `__init__.py` file and causing the victim to download, install, and enable this plugin.

Recommendations

For Deluge versions prior to 1.3.14, update to version 1.3.14 or later to resolve the issue. As a temporary workaround, consider restricting access to the plugin installation feature to minimize the risk of exploitation. Avoid installing plugins from untrusted sources until the issue is resolved.

Exploit

Fix

CSRF

Weakness Enumeration

Related Identifiers

ALT-PU-2017-2355
CVE-2017-7178
DLA-863-1
DSA-3856-1
OPENSUSE-SU-2017_1497-1

Affected Products

Alt Linux
Deluge
Suse