CVE-2016-3653

HIGH

Symantec Endpoint Protection Manager < 12.1.6 - Authenticated Cross-Site Request Forgery

Title source: llm

Exploitation Summary

EIP tracks 1 public exploit for CVE-2016-3653. PoCs published by hyp3rlinx.

AI-analyzed exploit summary The exploit demonstrates multiple vulnerabilities in Symantec Endpoint Protection Manager (SEPM) v12.1, including XSS, CSRF, and Open Redirect. It includes proof-of-concept examples for each vulnerability type, such as bypassing HttpOnly cookie protection via XSS and redirecting users to malicious URLs.

Description

Multiple cross-site request forgery (CSRF) vulnerabilities in management scripts in Symantec Endpoint Protection Manager (SEPM) 12.1 before RU6 MP5 allow remote authenticated users to hijack the authentication of arbitrary users.

Exploits (1)

exploitdb WORKING POC VERIFIED

by hyp3rlinx · textwebappsphp

https://www.exploit-db.com/exploits/40041

View Code ZIP pw:eip

The exploit demonstrates multiple vulnerabilities in Symantec Endpoint Protection Manager (SEPM) v12.1, including XSS, CSRF, and Open Redirect. It includes proof-of-concept examples for each vulnerability type, such as bypassing HttpOnly cookie protection via XSS and redirecting users to malicious URLs.

Classification

Working Poc 100%

Attack Type

Xss | Csrf | Other

Complexity

Trivial

Reliability

Reliable

Target: Symantec Endpoint Protection Manager v12.1

Auth required

Prerequisites: Access to the SEP Management console · Victim interaction for CSRF and Open Redirect

MITRE ATT&CK

T1059.007 - JavaScript T1189 - Drive-by Compromise

devstral-2 · analyzed Feb 16, 2026 Full analysis →

References (4)

Core 4

Core References

Vendor Advisory x_refsource_confirm

https://www.symantec.com/security_response/securityupdates/detail.jsp?fid=security_advisory&pvid=security_advisory&year=&suid=20160628_01

Third Party Advisory, VDB Entry vdb-entry x_refsource_sectrack

http://www.securitytracker.com/id/1036196

Third Party Advisory, VDB Entry vdb-entry x_refsource_bid

http://www.securityfocus.com/bid/91442

Exploit, Third Party Advisory exploit x_refsource_exploit-db

https://www.exploit-db.com/exploits/40041/

Scores

CVSS v3 8.0

EPSS 0.0134

EPSS Percentile 67.6%

Attack Vector NETWORK

CVSS:3.0/AV:N/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H

Details

CWE

CWE-352

Status published

Products (1)

symantec/endpoint_protection_manager < 12.1.6

Published Jun 30, 2016

Tracked Since Feb 18, 2026