Public exploit available
Public proof-of-concept or exploit code exists (ExploitDB / Metasploit / Nuclei).

CVE-2016-8018

CWE-352Cross-Site Request Forgery (CSRF)4 documents4 sources
Severity
4.3MEDIUM
EPSS
0.4%
top 37.19%
CISA KEV
Not in KEV
Exploit
PoC available
Public exploit / PoC exists
Affected products
2
Mcafee Virusscan EnterpriseIntel Virusscan Enterprise Linux (vsel)
Timeline
PublishedMar 14
Latest updateMay 17

Description

Cross-site request forgery (CSRF) vulnerability in Intel Security VirusScan Enterprise Linux (VSEL) 2.0.3 (and earlier) allows authenticated remote attackers to execute unauthorized commands via a crafted user input.

CVSS vector

CVSS:3.0/AV:N/AC:L/PR:H/UI:R/S:U/C:L/I:L/A:LExploitability: 0.9 | Impact: 3.4

Affected Packages2 packages

CVEListV5intel/virusscan_enterprise_linux_(vsel)2.0.3 (and earlier)

🔴Vulnerability Details

2
GHSA
GHSA-5jq5-prmx-qp5v: Cross-site request forgery (CSRF) vulnerability in Intel Security VirusScan Enterprise Linux (VSEL) 22022-05-17
CVEList
CVE-2016-8018: Cross-site request forgery (CSRF) vulnerability in Intel Security VirusScan Enterprise Linux (VSEL) 22017-03-14

💥Exploits & PoCs

1
Exploit-DB
McAfee Virus Scan Enterprise for Linux 1.9.2 < 2.0.2 - Remote Code Execution2016-12-13
CVE-2016-8018 (MEDIUM CVSS 4.3) | Cross-site request forgery (CSRF) v | cvebase.io