CVE-2016-0051

HIGH EXPLOITED

Microsoft Windows 10 - Access Control

Title source: rule

Description

The WebDAV client in Microsoft Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT 8.1, and Windows 10 Gold and 1511 allows local users to gain privileges via a crafted application, aka "WebDAV Elevation of Privilege Vulnerability."

Exploits (10)

exploitdb WORKING POC VERIFIED
by Metasploit · rubylocalwindows
https://www.exploit-db.com/exploits/40085
exploitdb SUSPICIOUS VERIFIED
by hex0r · textlocalwindows
https://www.exploit-db.com/exploits/39788
exploitdb WORKING POC VERIFIED
by koczkatamas · clocalwindows_x86
https://www.exploit-db.com/exploits/39432
nomisec WORKING POC 325 stars
by koczkatamas · local
https://github.com/koczkatamas/CVE-2016-0051
nomisec WORKING POC 42 stars
by hexx0r · poc
https://github.com/hexx0r/CVE-2016-0051
nomisec STUB
by ganrann · poc
https://github.com/ganrann/CVE-2016-0051
metasploit WORKING POC EXCELLENT
by Tamas Koczka · rubypocwin
https://github.com/rapid7/metasploit-framework/blob/master/modules/exploits/windows/local/ms16_016_webdav.rb
patchapalooza WORKING POC
by mirrors_koczkatamas · poc
https://gitee.com/mirrors_koczkatamas/CVE-2016-0051
patchapalooza NO CODE
by Ascotbe · local
https://github.com/Ascotbe/Kernelhub

References (5)

Scores

CVSS v3 7.8
EPSS 0.6311
EPSS Percentile 98.4%
Attack Vector LOCAL
CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

Details

VulnCheck KEV 2019-03-06
CWE
CWE-264
Status published
Products (10)
microsoft/windows_10
microsoft/windows_10 1511
microsoft/windows_7
microsoft/windows_8.1
microsoft/windows_rt_8.1
microsoft/windows_server_2008
microsoft/windows_server_2008 r2 sp1
microsoft/windows_server_2012
microsoft/windows_server_2012 r2
microsoft/windows_vista
Published Feb 10, 2016
Tracked Since Feb 18, 2026