CVE-2016-5845

MEDIUM

SAP SAPCAR - Denial of Service via Invalid File Name in Archive

Title source: llm

Exploitation Summary

EIP tracks 1 public exploit for CVE-2016-5845. PoCs published by Core Security.

AI-analyzed exploit summary The document describes two vulnerabilities in SAPCAR (CVE-2016-5845 and CVE-2016-5847), including a denial-of-service via invalid filenames and a TOCTOU race condition leading to privilege escalation. Proof-of-concept archive files are provided to demonstrate the issues.

Description

SAP SAPCAR does not check the return value of file operations when extracting files, which allows remote attackers to cause a denial of service (program crash) via an invalid file name in an archive file, aka SAP Security Note 2312905.

Exploits (1)

exploitdb WRITEUP VERIFIED

by Core Security · textdoslinux

https://www.exploit-db.com/exploits/40230

View Code ZIP pw:eip

The document describes two vulnerabilities in SAPCAR (CVE-2016-5845 and CVE-2016-5847), including a denial-of-service via invalid filenames and a TOCTOU race condition leading to privilege escalation. Proof-of-concept archive files are provided to demonstrate the issues.

Classification

Writeup 100%

Attack Type

Dos | Other

Complexity

Moderate

Reliability

Reliable

Target: SAPCAR archive tool (version 2.01 and possibly others)

No auth needed

Prerequisites: Local access to the system where SAPCAR is being executed · Ability to place a malicious archive file in a directory processed by SAPCAR

MITRE ATT&CK

T1499 - Endpoint Denial of Service T1548.001 - Setuid and Setgid

devstral-2 · analyzed Feb 16, 2026 Full analysis →