CVE

Id
93423  
CVE No.
CVE-2016-6603  
Status
Candidate  
Description
ZOHO WebNMS Framework 5.2 and 5.2 SP1 allows remote attackers to bypass authentication and impersonate arbitrary users via the UserName HTTP header.  
Phase
Assigned (20160804)  
Votes
None (candidate not yet proposed)  
Comments
 

Actions

Related CVE References

Id CVE Id CVE No. Reference Actions
793674 93423 CVE-2016-6603 BUGTRAQ:20160808 [CVE-2016-6600/1/2/3]: Multiple vulnerabilities (RCE, file download, etc) in WebNMS Framework 5.2 / 5.2 SP1  View
793675 93423 CVE-2016-6603 URL:http://www.securityfocus.com/archive/1/archive/1/539159/100/0/threaded  View
793676 93423 CVE-2016-6603 EXPLOIT-DB:40229  View
793677 93423 CVE-2016-6603 URL:https://www.exploit-db.com/exploits/40229/  View
793678 93423 CVE-2016-6603 FULLDISC:20160812 [CVE-2016-6600/1/2/3]: Multiple vulnerabilities (RCE, file download, etc) in WebNMS Framework 5.2 / 5.2 SP1  View
793679 93423 CVE-2016-6603 URL:http://seclists.org/fulldisclosure/2016/Aug/54  View
793680 93423 CVE-2016-6603 MISC:http://packetstormsecurity.com/files/138244/WebNMS-Framework-5.2-SP1-Traversal-Weak-Obfuscation-User-Impersonation.html  View
793681 93423 CVE-2016-6603 MISC:https://blogs.securiteam.com/index.php/archives/2712  View
793682 93423 CVE-2016-6603 MISC:https://github.com/pedrib/PoC/blob/master/advisories/webnms-5.2-sp1-pwn.txt  View
793683 93423 CVE-2016-6603 CONFIRM:https://forums.webnms.com/topic/recent-vulnerabilities-in-webnms-and-how-to-protect-the-server-against-them  View
793684 93423 CVE-2016-6603 BID:92402  View

Related JVN