CVEDB API

Vulnerabilities

By Date
Known Exploited
Advanced Search

Vulnerable Software

Vendors
Products

Vulnerability Details CVE-2016-6534

Opmantek NMIS before 4.3.7c has command injection via man, finger, ping, trace, and nslookup in the tools.pl CGI script. Versions before 8.5.12G might be affected in non-default configurations.

Exploit prediction scoring system (EPSS) score

EPSS Score 0.037

EPSS Ranking 87.5%

CVSS Severity

CVSS v3 Score 7.5

CVSS v2 Score 6.0

References

https://community.rapid7.com/community/infosec/blog/2016/09/07/multiple-disclosures-for-multiple-network-management-systems-part-2
https://community.rapid7.com/community/infosec/blog/2016/09/07/multiple-disclosures-for-multiple-network-management-systems-part-2

Products affected by CVE-2016-6534

Opmantek » Network Management Information System » Version: 4.3.6f

cpe:2.3:a:opmantek:network_management_information_system:4.3.6f
Opmantek » Network Management Information System » Version: 8.5.10g

cpe:2.3:a:opmantek:network_management_information_system:8.5.10g

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2016-6534

Products

Pricing

Contact Us