Public exploit available
Public proof-of-concept or exploit code exists (ExploitDB / Metasploit / Nuclei).

CVE-2016-10079

CWE-20Improper Input Validation4 documents4 sources
Severity
7.5HIGH
EPSS
13.9%
top 5.68%
CISA KEV
Not in KEV
Exploit
PoC available
Public exploit / PoC exists
Affected products
1
SAP Saplpd
Timeline
PublishedFeb 1
Latest updateMay 17

Description

SAPlpd through 7400.3.11.33 in SAP GUI 7.40 on Windows has a Denial of Service vulnerability (service crash) with a long string to TCP port 515.

CVSS vector

CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:HExploitability: 3.9 | Impact: 3.6

Affected Packages1 packages

NVDsap/saplpd7400.3.11.33

🔴Vulnerability Details

2
GHSA
GHSA-rwqp-gxj4-x34x: SAPlpd through 74002022-05-17
CVEList
CVE-2016-10079: SAPlpd through 74002017-02-01

💥Exploits & PoCs

1
Exploit-DB
SapLPD 7.40 - Denial of Service2016-12-28
CVE-2016-10079 (HIGH CVSS 7.5) | SAPlpd through 7400.3.11.33 in SAP | cvebase.io