CVE-2016-1910

MEDIUM

SAP NetWeaver 7.4 - Info Disclosure

Title source: llm

Exploitation Summary

EIP tracks 1 public exploit for CVE-2016-1910. PoCs published by Vahagn Vardanyan.

AI-analyzed exploit summary: This exploit demonstrates a time-based SQL injection (CVE-2016-2386) in SAP NetWeaver AS Java UDDI 7.11-7.50, leveraging information disclosure (CVE-2016-2388) to retrieve administrator credentials. It uses a SOAP request to extract password hashes via blind SQLi.

Description

The User Management Engine (UME) in SAP NetWeaver 7.4 allows attackers to decrypt unspecified data via unknown vectors, aka SAP Security Note 2191290.

Exploits (1)

exploitdb WORKING POC
by Vahagn Vardanyan · python · webapps · multiple
https://www.exploit-db.com/exploits/43495

Classification: Working PoC 95%
Attack Type: SQLi
Complexity: Moderate
Reliability: Reliable
Target: SAP NetWeaver AS Java UDDI 7.11-7.50
No auth needed
Prerequisites: Network access to SAP NetWeaver AS Java UDDI service · SOAP endpoint exposed
devstral-2 · analyzed Feb 16, 2026

References (5)

Core References
Mailing List mailing-list x_refsource_fulldisc
http://seclists.org/fulldisclosure/2016/Apr/60
Third Party Advisory, VDB Entry vdb-entry x_refsource_bid
http://www.securityfocus.com/bid/80920
Exploit, Third Party Advisory exploit x_refsource_exploit-db
https://www.exploit-db.com/exploits/43495/

Scores

CVSS v3: 5.3
EPSS: 0.0682
EPSS Percentile: 93.2%
Attack Vector: NETWORK
Vector string: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N

Details

CWE: CWE-200
Status: published
Products (1): sap/netweaver 7.40
Published: Jan 15, 2016
Tracked Since: Feb 18, 2026