CVE-2016-1611

HIGH

Novell Filr <1.2-2.0 - Privilege Escalation

Title source: llm
STIX 2.1

Exploitation Summary

EIP tracks 1 public exploit for CVE-2016-1611. PoCs published by SEC Consult.

AI-analyzed exploit summary This is a detailed security advisory from SEC Consult describing multiple vulnerabilities in Micro Focus Filr, including CSRF, OS command injection, XSS, and authentication bypass. It includes proof-of-concept code for exploiting these vulnerabilities.

Description

Novell Filr 1.2 before Hot Patch 6 and 2.0 before Hot Patch 2 uses world-writable permissions for /etc/profile.d/vainit.sh, which allows local users to gain privileges by replacing this file's content with arbitrary shell commands.

Exploits (1)

exploitdb WRITEUP VERIFIED
by SEC Consult · textwebappsjava
https://www.exploit-db.com/exploits/40161

This is a detailed security advisory from SEC Consult describing multiple vulnerabilities in Micro Focus Filr, including CSRF, OS command injection, XSS, and authentication bypass. It includes proof-of-concept code for exploiting these vulnerabilities.

Classification
Writeup 100%
Attack Type
Rce, Xss, Auth Bypass
Complexity
Moderate
Reliability
Reliable
Target: Micro Focus Filr 2 <=2.0.0.421, Filr 1.2 <= 1.2.0.846
No auth needed
Prerequisites: Network access to the target system · For some exploits, an authenticated session
devstral-2 · analyzed Feb 16, 2026 Full analysis →

References (4)

Core 4
Core References
Mailing List mailing-list x_refsource_bugtraq
http://seclists.org/bugtraq/2016/Jul/119
Vendor Advisory x_refsource_confirm
https://www.novell.com/support/kb/doc.php?id=7017689
Exploit, Third Party Advisory exploit x_refsource_exploit-db
https://www.exploit-db.com/exploits/40161/
Third Party Advisory, VDB Entry vdb-entry x_refsource_bid
http://www.securityfocus.com/bid/92113

Scores

CVSS v3 7.8
EPSS 0.0120
EPSS Percentile 64.1%
Attack Vector LOCAL
CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

Details

CWE
CWE-264
Status published
Products (2)
novell/filr < 1.2
novell/filr < 2.0
Published Aug 01, 2016
Tracked Since Feb 18, 2026