CVE-2016-6601
Published on: 01/23/2017 12:00:00 AM UTC
Last Modified on: 03/23/2021 11:27:11 PM UTC
Certain versions of Webnms Framework from Zohocorp contain the following vulnerability:
Directory traversal vulnerability in the file download functionality in ZOHO WebNMS Framework 5.2 and 5.2 SP1 allows remote attackers to read arbitrary files via a .. (dot dot) in the fileName parameter to servlets/FetchFile.
- CVE-2016-6601 has been assigned by
[email protected] to track the vulnerability - currently rated as HIGH severity.
CVSS3 Score: 7.5 - HIGH
| Attack Vector ⓘ |
Attack Complexity |
Privileges Required |
User Interaction |
|
|---|---|---|---|---|
| NETWORK | LOW | NONE | NONE | |
| Scope | Confidentiality Impact |
Integrity Impact |
Availability Impact |
|
| UNCHANGED | HIGH | NONE | NONE |
CVSS2 Score: 5 - MEDIUM
| Access Vector ⓘ |
Access Complexity |
Authentication |
|---|---|---|
| NETWORK | LOW | NONE |
| Confidentiality Impact |
Integrity Impact |
Availability Impact |
| PARTIAL | NONE | NONE |
CVE References
| Description | Tags ⓘ | Link |
|---|---|---|
| WebNMS Framework 5.2 SP1 Traversal / Weak Obfuscation / User Impersonation ≈ Packet Storm | Exploit Third Party Advisory packetstormsecurity.com text/html |
MISC packetstormsecurity.com/files/138244/WebNMS-Framework-5.2-SP1-Traversal-Weak-Obfuscation-User-Impersonation.html |
| WebNMS Framework Server 5.2 / 5.2 SP1 - Multiple Vulnerabilities | Exploit Third Party Advisory www.exploit-db.com Proof of Concept text/html |
EXPLOIT-DB 40229 |
| CVE-2016-6601 WebNMS Framework Server Arbitrary Text File Download | Rapid7 | Third Party Advisory www.rapid7.com text/html |
MISC www.rapid7.com/db/modules/auxiliary/admin/http/webnms_file_download |
| Full Disclosure: [CVE-2016-6600/1/2/3]: Multiple vulnerabilities (RCE, file download, etc) in WebNMS Framework 5.2 / 5.2 SP1 | Exploit Mailing List seclists.org text/html |
FULLDISC 20160812 [CVE-2016-6600/1/2/3]: Multiple vulnerabilities (RCE, file download, etc) in WebNMS Framework 5.2 / 5.2 SP1 |
| Recent Vulnerabilities in WebNMS and how to protect the server against them - WebNMS Developer Forums | forums.webnms.com text/html |
CONFIRM forums.webnms.com/topic/recent-vulnerabilities-in-webnms-and-how-to-protect-the-server-against-them |
| CVE-2016-6601 WebNMS Framework Server Credential Disclosure | Rapid7 | Third Party Advisory www.rapid7.com text/html |
MISC www.rapid7.com/db/modules/auxiliary/admin/http/webnms_cred_disclosure |
| SSD Advisory – Multiple Vulnerabilities in WebNMS Framework Server | SecuriTeam Blogs | Exploit Technical Description Third Party Advisory web.archive.org text/html Inactive LinkNot Archived |
MISC blogs.securiteam.com/index.php/archives/2712 |
| WebNMS Framework Multiple Security Vulnerabilities | Third Party Advisory VDB Entry cve.report (archive) text/html |
BID 92402 |
| PoC/webnms-5.2-sp1-pwn.txt at master · pedrib/PoC · GitHub | Exploit github.com text/html |
MISC github.com/pedrib/PoC/blob/master/advisories/webnms-5.2-sp1-pwn.txt |
| SecurityFocus | www.securityfocus.com text/html |
BUGTRAQ 20160808 [CVE-2016-6600/1/2/3]: Multiple vulnerabilities (RCE, file download, etc) in WebNMS Framework 5.2 / 5.2 SP1 |
Known Affected Configurations (CPE V2.3)
| Type | Vendor | Product | Version | Update | Edition | Language |
|---|---|---|---|---|---|---|
| Application | Zohocorp | Webnms Framework | 5.2 | All | All | All |
| Application | Zohocorp | Webnms Framework | 5.2 | sp1 | All | All |
| Application | Zohocorp | Webnms Framework | 5.2 | All | All | All |
| Application | Zohocorp | Webnms Framework | 5.2 | sp1 | All | All |
- cpe:2.3:a:zohocorp:webnms_framework:5.2:*:*:*:*:*:*:*:
- cpe:2.3:a:zohocorp:webnms_framework:5.2:sp1:*:*:*:*:*:*:
- cpe:2.3:a:zohocorp:webnms_framework:5.2:*:*:*:*:*:*:*:
- cpe:2.3:a:zohocorp:webnms_framework:5.2:sp1:*:*:*:*:*:*:
No vendor comments have been submitted for this CVE