Skip to main content

Webnms Framework

4 CVEs product

Monthly

CVE-2016-6603 CRITICAL POC THREAT Emergency

ZOHO WebNMS Framework 5.2 and 5.2 SP1 allows remote attackers to bypass authentication and impersonate arbitrary users via the UserName HTTP header. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and EPSS exploitation probability 70.3%.

Authentication Bypass Zoho Webnms Framework
NVD GitHub Exploit-DB VulDB
CVSS 3.0
9.8
EPSS
70.3%
Threat
5.6
CVE-2016-6602 CRITICAL POC THREAT Emergency

ZOHO WebNMS Framework 5.2 and 5.2 SP1 use a weak obfuscation algorithm to store passwords, which allows context-dependent attackers to obtain cleartext passwords by leveraging access to. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and EPSS exploitation probability 47.8%.

Information Disclosure Zoho Webnms Framework
NVD GitHub Exploit-DB VulDB
CVSS 3.0
9.8
EPSS
47.8%
Threat
4.9
CVE-2016-6601 HIGH POC THREAT Act Now

Directory traversal vulnerability in the file download functionality in ZOHO WebNMS Framework 5.2 and 5.2 SP1 allows remote attackers to read arbitrary files via a .. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and EPSS exploitation probability 92.8%.

Path Traversal Zoho Webnms Framework
NVD GitHub Exploit-DB VulDB
CVSS 3.0
7.5
EPSS
92.8%
Threat
5.8
CVE-2016-6600 CRITICAL POC THREAT Emergency

Directory traversal vulnerability in the file upload functionality in ZOHO WebNMS Framework 5.2 and 5.2 SP1 allows remote attackers to upload and execute arbitrary JSP files via a .. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and EPSS exploitation probability 90.6%.

Path Traversal File Upload Zoho Webnms Framework
NVD GitHub Exploit-DB VulDB
CVSS 3.0
9.8
EPSS
90.6%
Threat
6.2
EPSS 70% 5.6 CVSS 9.8
CRITICAL POC THREAT Emergency

ZOHO WebNMS Framework 5.2 and 5.2 SP1 allows remote attackers to bypass authentication and impersonate arbitrary users via the UserName HTTP header. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and EPSS exploitation probability 70.3%.

Authentication Bypass Zoho Webnms Framework
NVD GitHub Exploit-DB VulDB
EPSS 48% 4.9 CVSS 9.8
CRITICAL POC THREAT Emergency

ZOHO WebNMS Framework 5.2 and 5.2 SP1 use a weak obfuscation algorithm to store passwords, which allows context-dependent attackers to obtain cleartext passwords by leveraging access to. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and EPSS exploitation probability 47.8%.

Information Disclosure Zoho Webnms Framework
NVD GitHub Exploit-DB VulDB
EPSS 93% 5.8 CVSS 7.5
HIGH POC THREAT Act Now

Directory traversal vulnerability in the file download functionality in ZOHO WebNMS Framework 5.2 and 5.2 SP1 allows remote attackers to read arbitrary files via a .. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and EPSS exploitation probability 92.8%.

Path Traversal Zoho Webnms Framework
NVD GitHub Exploit-DB VulDB
EPSS 91% 6.2 CVSS 9.8
CRITICAL POC THREAT Emergency

Directory traversal vulnerability in the file upload functionality in ZOHO WebNMS Framework 5.2 and 5.2 SP1 allows remote attackers to upload and execute arbitrary JSP files via a .. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and EPSS exploitation probability 90.6%.

Path Traversal File Upload Zoho +1
NVD GitHub Exploit-DB VulDB

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy