CVE-2016-7836
CRITICAL KEVSKYSEA Client View <= 11.221.03 - Remote Code Execution via Authentication Bypass
Title source: llmExploitation Summary
CVE-2016-7836 is actively exploited and listed in the CISA Known Exploited Vulnerabilities (KEV) catalog, added October 14, 2025.
Description
SKYSEA Client View Ver.11.221.03 and earlier allows remote code execution via a flaw in processing authentication on the TCP connection with the management console program.
References (5)
Core 5
Core References
Vendor Advisory x_refsource_confirm
http://www.skyseaclientview.net/news/161221/
Exploit, Technical Description, Third Party Advisory x_refsource_confirm
https://www.skygroup.jp/security-info/170308.html
Third Party Advisory, VDB Entry third-party-advisory
x_refsource_jvn
https://jvn.jp/en/jp/JVN84995847/index.html
Third Party Advisory, VDB Entry vdb-entry
x_refsource_bid
http://www.securityfocus.com/bid/95062
Third Party Advisory, US Government Resource
https://www.cisa.gov/known-exploited-vulnerabilities-catalog?field_cve=CVE-2016-7836
Scores
CVSS v3
9.8
EPSS
0.3570
EPSS Percentile
97.2%
Attack Vector
NETWORK
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
CISA SSVC
Vulnrichment
Exploitation
active
Automatable
yes
Technical Impact
total
Details
CISA KEV
2025-10-14
VulnCheck KEV
2017-10-12
ENISA EUVD
EUVD-2016-8685
CWE
CWE-287
Status
published
Products (2)
Sky Co., LTD./SKYSEA Client View
Ver.11.221.03 and earlier
skygroup/skysea_client_view
< 11.221.03
Published
Jun 09, 2017
KEV Added
Oct 14, 2025
Tracked Since
Feb 18, 2026