CVE-2016-6602

Published on: 01/23/2017 12:00:00 AM UTC

Last Modified on: 03/23/2021 11:27:11 PM UTC

CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

Certain versions of Webnms Framework from Zohocorp contain the following vulnerability:

ZOHO WebNMS Framework 5.2 and 5.2 SP1 use a weak obfuscation algorithm to store passwords, which allows context-dependent attackers to obtain cleartext passwords by leveraging access to WEB-INF/conf/securitydbData.xml. NOTE: this issue can be combined with CVE-2016-6601 for a remote exploit.

  • CVE-2016-6602 has been assigned by URL Logo [email protected] to track the vulnerability - currently rated as - currently rated as CRITICAL severity.

CVSS3 Score: 9.8 - CRITICAL

Attack
Vector
Attack
Complexity
Privileges
Required
User
Interaction
NETWORK LOW NONE NONE
Scope Confidentiality
Impact
Integrity
Impact
Availability
Impact
UNCHANGED HIGH HIGH HIGH

CVSS2 Score: 5 - MEDIUM

Access
Vector
Access
Complexity
Authentication
NETWORK LOW NONE
Confidentiality
Impact
Integrity
Impact
Availability
Impact
PARTIAL NONE NONE

CVE References

Description Tags Link
WebNMS Framework 5.2 SP1 Traversal / Weak Obfuscation / User Impersonation ≈ Packet Storm Exploit
Third Party Advisory
packetstormsecurity.com
text/html
URL Logo MISC packetstormsecurity.com/files/138244/WebNMS-Framework-5.2-SP1-Traversal-Weak-Obfuscation-User-Impersonation.html
WebNMS Framework Server 5.2 / 5.2 SP1 - Multiple Vulnerabilities Exploit
Third Party Advisory
www.exploit-db.com
Proof of Concept
text/html
URL Logo EXPLOIT-DB 40229
Full Disclosure: [CVE-2016-6600/1/2/3]: Multiple vulnerabilities (RCE, file download, etc) in WebNMS Framework 5.2 / 5.2 SP1 Exploit
Mailing List
seclists.org
text/html
URL Logo FULLDISC 20160812 [CVE-2016-6600/1/2/3]: Multiple vulnerabilities (RCE, file download, etc) in WebNMS Framework 5.2 / 5.2 SP1
Recent Vulnerabilities in WebNMS and how to protect the server against them - WebNMS Developer Forums forums.webnms.com
text/html
URL Logo CONFIRM forums.webnms.com/topic/recent-vulnerabilities-in-webnms-and-how-to-protect-the-server-against-them
CVE-2016-6601 WebNMS Framework Server Credential Disclosure | Rapid7 Third Party Advisory
www.rapid7.com
text/html
URL Logo MISC www.rapid7.com/db/modules/auxiliary/admin/http/webnms_cred_disclosure
SSD Advisory – Multiple Vulnerabilities in WebNMS Framework Server | SecuriTeam Blogs Exploit
Technical Description
Third Party Advisory
web.archive.org
text/html
Inactive LinkNot Archived
URL Logo MISC blogs.securiteam.com/index.php/archives/2712
WebNMS Framework Multiple Security Vulnerabilities Third Party Advisory
VDB Entry
cve.report (archive)
text/html
URL Logo BID 92402
PoC/webnms-5.2-sp1-pwn.txt at master · pedrib/PoC · GitHub Exploit
github.com
text/html
URL Logo MISC github.com/pedrib/PoC/blob/master/advisories/webnms-5.2-sp1-pwn.txt
SecurityFocus www.securityfocus.com
text/html
URL Logo BUGTRAQ 20160808 [CVE-2016-6600/1/2/3]: Multiple vulnerabilities (RCE, file download, etc) in WebNMS Framework 5.2 / 5.2 SP1

Known Affected Configurations (CPE V2.3)

Type Vendor Product Version Update Edition Language
ApplicationZohocorpWebnms Framework5.2AllAllAll
ApplicationZohocorpWebnms Framework5.2sp1AllAll
ApplicationZohocorpWebnms Framework5.2AllAllAll
ApplicationZohocorpWebnms Framework5.2sp1AllAll
  • cpe:2.3:a:zohocorp:webnms_framework:5.2:*:*:*:*:*:*:*:
  • cpe:2.3:a:zohocorp:webnms_framework:5.2:sp1:*:*:*:*:*:*:
  • cpe:2.3:a:zohocorp:webnms_framework:5.2:*:*:*:*:*:*:*:
  • cpe:2.3:a:zohocorp:webnms_framework:5.2:sp1:*:*:*:*:*:*: