Vulnerability Description
Directory traversal vulnerability in the file download functionality in ZOHO WebNMS Framework 5.2 and 5.2 SP1 allows remote attackers to read arbitrary files via a .. (dot dot) in the fileName parameter to servlets/FetchFile.
CVSS Score
HIGH
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Zohocorp | Webnms Framework | 5.2 |
Related Weaknesses (CWE)
References
- http://packetstormsecurity.com/files/138244/WebNMS-Framework-5.2-SP1-Traversal-WExploitThird Party Advisory
- http://seclists.org/fulldisclosure/2016/Aug/54ExploitMailing List
- http://www.rapid7.com/db/modules/auxiliary/admin/http/webnms_cred_disclosureThird Party Advisory
- http://www.rapid7.com/db/modules/auxiliary/admin/http/webnms_file_downloadThird Party Advisory
- http://www.securityfocus.com/archive/1/539159/100/0/threaded
- http://www.securityfocus.com/bid/92402Third Party AdvisoryVDB Entry
- https://blogs.securiteam.com/index.php/archives/2712ExploitTechnical DescriptionThird Party Advisory
- https://forums.webnms.com/topic/recent-vulnerabilities-in-webnms-and-how-to-prot
- https://github.com/pedrib/PoC/blob/master/advisories/webnms-5.2-sp1-pwn.txtExploit
- https://www.exploit-db.com/exploits/40229/ExploitThird Party Advisory
- http://packetstormsecurity.com/files/138244/WebNMS-Framework-5.2-SP1-Traversal-WExploitThird Party Advisory
- http://seclists.org/fulldisclosure/2016/Aug/54ExploitMailing List
- http://www.rapid7.com/db/modules/auxiliary/admin/http/webnms_cred_disclosureThird Party Advisory
- http://www.rapid7.com/db/modules/auxiliary/admin/http/webnms_file_downloadThird Party Advisory
- http://www.securityfocus.com/archive/1/539159/100/0/threaded
FAQ
What is CVE-2016-6601?
CVE-2016-6601 is a vulnerability with a CVSS score of 7.5 (HIGH). Directory traversal vulnerability in the file download functionality in ZOHO WebNMS Framework 5.2 and 5.2 SP1 allows remote attackers to read arbitrary files via a .. (dot dot) in the fileName paramet...
How severe is CVE-2016-6601?
CVE-2016-6601 has been rated HIGH with a CVSS base score of 7.5/10. Review the CVSS metrics above for detailed severity breakdown.
Is there a patch for CVE-2016-6601?
Check the references section above for vendor advisories and patch information. Affected products include: Zohocorp Webnms Framework.