CVE-2016-6366

HIGH KEV

Cisco ASA Authentication Bypass (EXTRABACON)

Title source: metasploit

Description

Buffer overflow in Cisco Adaptive Security Appliance (ASA) Software through 9.4.2.3 on ASA 5500, ASA 5500-X, ASA Services Module, ASA 1000V, ASAv, Firepower 9300 ASA Security Module, PIX, and FWSM devices allows remote authenticated users to execute arbitrary code via crafted IPv4 SNMP packets, aka Bug ID CSCva92151 or EXTRABACON.

Exploits (3)

exploitdb WRITEUP
by Shadow Brokers · text · remote · hardware
https://www.exploit-db.com/exploits/40258
nomisec WORKING POC 163 stars
by RiskSense-Ops · remote-auth
https://github.com/RiskSense-Ops/CVE-2016-6366
metasploit WORKING POC
by Sean Dillon, Zachary Harding, Nate Caroe, Dylan Davis · ruby · poc
https://github.com/rapid7/metasploit-framework/blob/master/modules/auxiliary/admin/networking/cisco_asa_extrabacon.rb

Scores

CVSS v3 8.8
EPSS 0.9121
EPSS Percentile 99.7%
Attack Vector NETWORK
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

Details

CISA KEV 2022-05-24
VulnCheck KEV 2016-08-15
InTheWild.io 2016-08-15
ENISA EUVD EUVD-2016-7289
CWE CWE-120
Status published
Products (4)
cisco/adaptive_security_appliance_software 7.2.1 - 9.0.4.40
cisco/asa_1000v_cloud_firewall_software 8.7.1
cisco/asa_1000v_cloud_firewall_software 8.7.1.1
cisco/pix_firewall_software
Published Aug 18, 2016
KEV Added May 24, 2022
Tracked Since Feb 18, 2026