CVE-2016-8360

CWE-4153 documents3 sources
Severity
8.1HIGH
EPSS
1.0%
top 22.74%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
1
Moxa Softcms
Timeline
PublishedFeb 13
Latest updateMay 17

Description

An issue was discovered in Moxa SoftCMS versions prior to Version 1.6. A specially crafted URL request sent to the SoftCMS ASP Webserver can cause a double free condition on the server allowing an attacker to modify memory locations and possibly cause a denial of service or the execution of arbitrary code.

CVSS vector

CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:HExploitability: 2.2 | Impact: 5.9

Affected Packages2 packages

CVEListV5moxa_softcms_prior_to_version_1.6Moxa SoftCMS prior to Version 1.6
NVDmoxa/softcms1.5

🔴Vulnerability Details

2
GHSA
GHSA-fcv2-47vf-j6hq: An issue was discovered in Moxa SoftCMS versions prior to Version 12022-05-17
CVEList
CVE-2016-8360: An issue was discovered in Moxa SoftCMS versions prior to Version 12017-02-13
CVE-2016-8360 (HIGH CVSS 8.1) | An issue was discovered in Moxa Sof | cvebase.io