CVE-2016-8742

HIGH

Apache CouchDB <2.0.0 - Privilege Escalation

Title source: llm

Exploitation Summary

EIP tracks 1 public exploit for CVE-2016-8742. PoCs published by hyp3rlinx.

AI-analyzed exploit summary This is a detailed writeup describing a local privilege escalation vulnerability in Apache CouchDB v2.0.0 due to insecure file permissions on the 'nssm.exe' executable. Authenticated users can replace the executable to gain SYSTEM privileges when the service restarts.

Description

The Windows installer that the Apache CouchDB team provides was vulnerable to local privilege escalation. All files in the install inherit the file permissions of the parent directory and therefore a non-privileged user can substitute any executable for the nssm.exe service launcher, or CouchDB batch or binary files. A subsequent service or server restart will then run that binary with administrator privilege. This issue affected CouchDB 2.0.0 (Windows platform only) and was addressed in CouchDB 2.0.0.1.

Exploits (1)

exploitdb WRITEUP VERIFIED

by hyp3rlinx · textlocalwindows

https://www.exploit-db.com/exploits/40865

View Code ZIP pw:eip

This is a detailed writeup describing a local privilege escalation vulnerability in Apache CouchDB v2.0.0 due to insecure file permissions on the 'nssm.exe' executable. Authenticated users can replace the executable to gain SYSTEM privileges when the service restarts.

Classification

Writeup 100%

Attack Type

Lpe

Complexity

Trivial

Reliability

Reliable

Target: Apache CouchDB v2.0.0

Auth required

Prerequisites: Local access to the system · Authenticated user privileges

MITRE ATT&CK

T1548.002 - Bypass User Account Control T1068 - Exploitation for Privilege Escalation

devstral-2 · analyzed Feb 16, 2026 Full analysis →

References (3)

Core 3

Core References

Vendor Advisory mailing-list x_refsource_mlist

http://mail-archives.apache.org/mod_mbox/couchdb-dev/201612.mbox/%3C825F65E1-0E5F-4E1F-8053-CF2C6200C526%40apache.org%3E

Third Party Advisory, VDB Entry exploit x_refsource_exploit-db

https://www.exploit-db.com/exploits/40865/

Third Party Advisory, VDB Entry vdb-entry x_refsource_bid

http://www.securityfocus.com/bid/94766

Scores

CVSS v3 7.8

EPSS 0.0204

EPSS Percentile 78.6%

Attack Vector LOCAL

CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

Details

CWE

CWE-264

Status published

Products (1)

apache/couchdb 2.0.0

Published Feb 12, 2018

Tracked Since Feb 18, 2026