CVE-2016-8019

MEDIUM

McAfee VirusScan Enterprise Linux < 2.0.3 - Unauthenticated Cross-Site Scripting via Crafted User Input

Title source: llm

Exploitation Summary

EIP tracks 1 public exploit for CVE-2016-8019. PoCs published by Andrew Fasano.

AI-analyzed exploit summary This exploit chains multiple vulnerabilities (CVE-2016-8016 to CVE-2016-8025) in McAfee ePolicy Orchestrator to achieve remote code execution as root. It cracks authentication cookies, manipulates update servers, and executes arbitrary payloads via SQL injection and file write vulnerabilities.

Description

Cross-site scripting (XSS) vulnerability in attributes in Intel Security VirusScan Enterprise Linux (VSEL) 2.0.3 (and earlier) allows unauthenticated remote attackers to inject arbitrary web script or HTML via a crafted user input.

Exploits (1)

exploitdb WORKING POC VERIFIED

by Andrew Fasano · pythonremotelinux

https://www.exploit-db.com/exploits/40911

View Code ZIP pw:eip

This exploit chains multiple vulnerabilities (CVE-2016-8016 to CVE-2016-8025) in McAfee ePolicy Orchestrator to achieve remote code execution as root. It cracks authentication cookies, manipulates update servers, and executes arbitrary payloads via SQL injection and file write vulnerabilities.

Classification

Working Poc 95%

Attack Type

Rce

Complexity

Complex

Reliability

Reliable

Target: McAfee ePolicy Orchestrator (versions affected by CVE-2016-8016 to CVE-2016-8025)

No auth needed

Prerequisites: Network access to the target · Ability to host a malicious update server · Payload script (payload.sh)

MITRE ATT&CK

T1189 - Drive-by Compromise T1059 - Command and Scripting Interpreter T1068 - Exploitation for Privilege Escalation

devstral-2 · analyzed Feb 16, 2026 Full analysis →

References (4)

Core 4

Core References

Third Party Advisory, VDB Entry vdb-entry x_refsource_bid

http://www.securityfocus.com/bid/94823

Third Party Advisory, VDB Entry vdb-entry x_refsource_sectrack

http://www.securitytracker.com/id/1037433

Vendor Advisory x_refsource_confirm

https://kc.mcafee.com/corporate/index?page=content&id=SB10181

Exploit, Third Party Advisory exploit x_refsource_exploit-db

https://www.exploit-db.com/exploits/40911/

Scores

CVSS v3 6.1

EPSS 0.0401

EPSS Percentile 89.2%

Attack Vector NETWORK

CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N

Details

CWE

CWE-79

Status published

Products (2)

Intel/VirusScan Enterprise Linux (VSEL) 2.0.3 (and earlier)

mcafee/virusscan_enterprise < 2.0.3

Published Mar 14, 2017

Tracked Since Feb 18, 2026