CVE-2016-6602

Name: CVE-2016-6602
Creator: NVD / NIST
Published: 2017-01-23T21:59:02.267+00:00
License: https://creativecommons.org/publicdomain/zero/1.0/

UnknownEPSS 54.79%

Last modified Jun 17, 2026

CVE-2016-6602 is a vulnerability of currently unknown severity. ZOHO WebNMS Framework 5.2 and 5.2 SP1 use a weak obfuscation algorithm to store passwords, which allows context-dependent attackers to obtain cleartext passwords by leveraging access to WEB-INF/conf/securitydbData.xml. NOTE: this issue can be combined with CVE-2016-6601 for a remote exploit.. EPSS estimates a 54.79% chance of exploitation in the next 30 days.

Description

ZOHO WebNMS Framework 5.2 and 5.2 SP1 use a weak obfuscation algorithm to store passwords, which allows context-dependent attackers to obtain cleartext passwords by leveraging access to WEB-INF/conf/securitydbData.xml. NOTE: this issue can be combined with CVE-2016-6601 for a remote exploit.

Metrics

EPSS Probability

54.79%

98.9th percentile

Probability of exploitation in the next 30 days. Learn more

Weakness Enumeration

CWE-327

Affected Software

Vendor	Product	Versions
Zohocorp	Webnms Framework	5.2

References

http://packetstormsecurity.com/files/138244/WebNMS-Framework-5.2-SP1-Traversal-Weak-Obfuscation-User-Impersonation.htmlExploit, Third Party Advisory
http://seclists.org/fulldisclosure/2016/Aug/54Exploit, Mailing List
http://www.rapid7.com/db/modules/auxiliary/admin/http/webnms_cred_disclosureThird Party Advisory
http://www.securityfocus.com/archive/1/539159/100/0/threaded
http://www.securityfocus.com/bid/92402Third Party Advisory, VDB Entry
https://blogs.securiteam.com/index.php/archives/2712Exploit, Technical Description, Third Party Advisory
https://forums.webnms.com/topic/recent-vulnerabilities-in-webnms-and-how-to-protect-the-server-against-them
https://github.com/pedrib/PoC/blob/master/advisories/webnms-5.2-sp1-pwn.txtExploit
https://www.exploit-db.com/exploits/40229/Exploit, Third Party Advisory
http://packetstormsecurity.com/files/138244/WebNMS-Framework-5.2-SP1-Traversal-Weak-Obfuscation-User-Impersonation.htmlExploit, Third Party Advisory
http://seclists.org/fulldisclosure/2016/Aug/54Exploit, Mailing List
http://www.rapid7.com/db/modules/auxiliary/admin/http/webnms_cred_disclosureThird Party Advisory
http://www.securityfocus.com/archive/1/539159/100/0/threaded
http://www.securityfocus.com/bid/92402Third Party Advisory, VDB Entry
https://blogs.securiteam.com/index.php/archives/2712Exploit, Technical Description, Third Party Advisory
https://forums.webnms.com/topic/recent-vulnerabilities-in-webnms-and-how-to-protect-the-server-against-them
https://github.com/pedrib/PoC/blob/master/advisories/webnms-5.2-sp1-pwn.txtExploit
https://www.exploit-db.com/exploits/40229/Exploit, Third Party Advisory

Timeline

Published: Jan 23, 2017
Last Modified: Jun 17, 2026
Status: Modified

Frequently Asked Questions

What is CVE-2016-6602?

How severe is CVE-2016-6602?

Severity scoring for CVE-2016-6602 is pending analysis. The EPSS model estimates a 54.79% probability of exploitation in the next 30 days.

How do I fix CVE-2016-6602?

Check the vendor references and advisories linked above for patched versions and mitigation guidance. You can also run a Strix scan to test if your systems are affected.

Are you affected by CVE-2016-6602?

Run a free Strix scan to check your systems for this vulnerability.

Scan your code now

Source: NVD / NIST