Vulnerability Details CVE-2016-7836
SKYSEA Client View Ver.11.221.03 and earlier allows remote code execution via a flaw in processing authentication on the TCP connection with the management console program.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.385
EPSS Ranking 97.1%
CVSS Severity
CVSS v3 Score 9.8
CVSS v2 Score 10.0
Proposed Action
SKYSEA Client View contains an improper authentication vulnerability that allows remote code execution via a flaw in processing authentication on the TCP connection with the management console program.
Ransomware Campaign
Unknown
References
- http://www.securityfocus.com/bid/95062
- http://www.skyseaclientview.net/news/161221/
- https://jvn.jp/en/jp/JVN84995847/index.html
- https://www.skygroup.jp/security-info/170308.html
- http://www.securityfocus.com/bid/95062
- http://www.skyseaclientview.net/news/161221/
- https://jvn.jp/en/jp/JVN84995847/index.html
- https://www.skygroup.jp/security-info/170308.html
- https://www.cisa.gov/known-exploited-vulnerabilities-catalog?field_cve=CVE-2016-7836
Products affected by CVE-2016-7836
-
cpe:2.3:a:skygroup:skysea_client_view:1.020.05b
-
cpe:2.3:a:skygroup:skysea_client_view:11.220.05p
-
cpe:2.3:a:skygroup:skysea_client_view:11.221.03
-
cpe:2.3:a:skygroup:skysea_client_view:6.010.06