CVE-2016-0913

EMC Replication Manager / Network Module Remote Code Execution

Severity Score

9.8

*CVSS v3

Exploit Likelihood

*EPSS

Affected Versions

*CPE

Public Exploits

*Multiple Sources

Exploited in Wild

*KEV

Decision

*SSVC

Descriptions

The client in EMC Replication Manager (RM) before 5.5.3.0_01-PatchHotfix, EMC Network Module for Microsoft 3.x, and EMC Networker Module for Microsoft 8.2.x before 8.2.3.6 allows remote RM servers to execute arbitrary commands by placing a crafted script in an SMB share.

El cliente en EMC Replication Manager (RM) en versiones anteriores a 5.5.3.0_01-PatchHotfix, EMC Network Module para Microsoft 3.x y EMC Networker Module para Microsoft 8.2.x en versiones anteriores a 8.2.3.6 permite a servidores RM remotos ejecutar comandos arbitrarios colocando una secuencia de comandos manipulada en un recurso compartido SMB.

EMC Replication Manager (RM) is affected by a remote code execution vulnerability that may be exploited by an attacker to compromise an affected system. A remote unauthenticated attacker may execute arbitrary commands on an RM Client, with high privileges, by starting a rogue RM Server that connects to the RM Client and executes the malicious script/payload that is placed in an SMB share, by the attacker, that is accessible to the RM Client. Affected include EMC Replication Manager versions prior to 5.5.3 on all supported OS, EMC Network Module for Microsoft version 3.x, and EMC Networker Module for Microsoft version 8.2.x.

*Credits: N/A

Attack Vector

Network

Attack Complexity

Low

Privileges Required

None

User Interaction

None

Scope

Unchanged

Confidentiality

High

Integrity

High

Availability

High

Attack Vector

Network

Attack Complexity

Low

Authentication

None

Confidentiality

Partial

Integrity

Partial

Availability

Partial

* Common Vulnerability Scoring System

SSVC

Decision:-

Exploitation

Automatable

Tech. Impact

* Organization's Worst-case Scenario

Timeline

2015-12-17 CVE Reserved
2016-10-04 CVE Published
2024-08-05 CVE Updated
2025-03-30 EPSS Updated
---------- Exploited in Wild
---------- KEV Due Date
---------- First Exploit

CWE

CWE-20: Improper Input Validation

CAPEC

References (3)

URL	Tag	Source
http://seclists.org/bugtraq/2016/Oct/6	Mailing List
http://www.securityfocus.com/bid/93348	Vdb Entry
http://www.securitytracker.com/id/1036940	Vdb Entry

URL	Date	SRC

URL	Date	SRC

URL	Date	SRC

Affected Vendors, Products, and Versions

Vendor		Product				Version		Other		Status
Vendor	Product	Version	Other	Status	<-- -->	Vendor	Product	Version	Other	Status
Emc Search vendor "Emc"		Networker Module For Microsoft Applications Search vendor "Emc" for product "Networker Module For Microsoft Applications"				<= 8.2.3.6 Search vendor "Emc" for product "Networker Module For Microsoft Applications" and version " <= 8.2.3.6"		-		Affected
Emc Search vendor "Emc"		Networker Module For Microsoft Applications Search vendor "Emc" for product "Networker Module For Microsoft Applications"				3.0 Search vendor "Emc" for product "Networker Module For Microsoft Applications" and version "3.0"		-		Affected
Emc Search vendor "Emc"		Networker Module For Microsoft Applications Search vendor "Emc" for product "Networker Module For Microsoft Applications"				3.0.1 Search vendor "Emc" for product "Networker Module For Microsoft Applications" and version "3.0.1"		-		Affected
Emc Search vendor "Emc"		Replication Manager Search vendor "Emc" for product "Replication Manager"				<= 5.5.3 Search vendor "Emc" for product "Replication Manager" and version " <= 5.5.3"		-		Affected