Zohocorp Webnms_framework
4 CVEs affecting Zohocorp Webnms_framework. Latest disclosed: 2017-01-23. Critical: 3, High: 1.
| CVE | Severity | Score | Published | Summary |
|---|---|---|---|---|
CVE-2016-6603 | Critical | 9.8 | 2017-01-23 | ZOHO WebNMS Framework 5.2 and 5.2 SP1 allows remote attackers to bypass authentication and impersonate arbitrary users via the UserName HTTP header. |
CVE-2016-6602 | Critical | 9.8 | 2017-01-23 | ZOHO WebNMS Framework 5.2 and 5.2 SP1 use a weak obfuscation algorithm to store passwords, which allows context-dependent attackers to obtain cleartext passwor… |
CVE-2016-6600 | Critical | 9.8 | 2017-01-23 | Directory traversal vulnerability in the file upload functionality in ZOHO WebNMS Framework 5.2 and 5.2 SP1 allows remote attackers to upload and execute arbit… |
CVE-2016-6601 | High | 7.5 | 2017-01-23 | Directory traversal vulnerability in the file download functionality in ZOHO WebNMS Framework 5.2 and 5.2 SP1 allows remote attackers to read arbitrary files v… |