Vulnerability Details : CVE-2016-5330
Public exploit exists!
Untrusted search path vulnerability in the HGFS (aka Shared Folders) feature in VMware Tools 10.0.5 in VMware ESXi 5.0 through 6.0, VMware Workstation Pro 12.1.x before 12.1.1, VMware Workstation Player 12.1.x before 12.1.1, and VMware Fusion 8.1.x before 8.1.1 allows local users to gain privileges via a Trojan horse DLL in the current working directory.
Products affected by CVE-2016-5330
- cpe:2.3:a:vmware:fusion:*:*:*:*:*:*:*:*
- cpe:2.3:o:vmware:esxi:*:*:*:*:*:*:*:*
- cpe:2.3:a:vmware:tools:*:*:*:*:*:*:*:*
- cpe:2.3:a:vmware:workstation_pro:*:*:*:*:*:*:*:*
- cpe:2.3:a:vmware:workstation_player:*:*:*:*:*:*:*:*
Threat overview for CVE-2016-5330
Top countries where our scanners detected CVE-2016-5330
Top open port discovered on systems with this issue
443
IPs affected by CVE-2016-5330 13,856
Threat actors abusing to this issue?
Yes
Find out if you* are
affected by CVE-2016-5330!
*Directly or indirectly through your vendors, service providers and 3rd parties.
Powered by
attack surface intelligence
from SecurityScorecard.
Exploit prediction scoring system (EPSS) score for CVE-2016-5330
37.27%
Probability of exploitation activity in the next 30 days
EPSS Score History
~ 97 %
Percentile, the proportion of vulnerabilities that are scored at or less
Metasploit modules for CVE-2016-5330
-
DLL Side Loading Vulnerability in VMware Host Guest Client Redirector
Disclosure Date: 2016-08-05First seen: 2020-04-26exploit/windows/misc/vmhgfs_webdav_dll_sideloadA DLL side loading vulnerability was found in the VMware Host Guest Client Redirector, a component of VMware Tools. This issue can be exploited by luring a victim into opening a document from the attacker's share. An attacker can exploit this issue to execute arbitrary code
CVSS scores for CVE-2016-5330
| Base Score | Base Severity | CVSS Vector | Exploitability Score | Impact Score | Score Source | First Seen |
|---|---|---|---|---|---|---|
|
4.4
|
MEDIUM | AV:L/AC:M/Au:N/C:P/I:P/A:P |
3.4
|
6.4
|
NIST | |
|
7.8
|
HIGH | CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H |
1.8
|
5.9
|
NIST |
CWE ids for CVE-2016-5330
-
The product searches for critical resources using an externally-supplied search path that can point to resources that are not under the product's direct control.Assigned by: nvd@nist.gov (Primary)
References for CVE-2016-5330
-
http://www.securityfocus.com/bid/92323
VMware Tools CVE-2016-5330 DLL Loading Remote Code Execution VulnerabilityThird Party Advisory;VDB Entry
-
https://securify.nl/advisory/SFY20151201/dll_side_loading_vulnerability_in_vmware_host_guest_client_redirector.html
DLL side loading vulnerability in VMware Host Guest Client Redirector - Security Advisories and Insights - Securify B.V.Exploit;Third Party Advisory
-
http://www.vmware.com/security/advisories/VMSA-2016-0010.html
VMSA-2016-0010.1Mitigation;Vendor Advisory
-
http://www.securitytracker.com/id/1036545
VMware DLL Loading Error Lets Remote Users Execute Arbitrary Code on the Target System - SecurityTrackerThird Party Advisory;VDB Entry
-
http://www.rapid7.com/db/modules/exploit/windows/misc/vmhgfs_webdav_dll_sideload
DLL Side Loading Vulnerability in VMware Host Guest Client RedirectorThird Party Advisory
-
http://www.securityfocus.com/archive/1/539131/100/0/threaded
SecurityFocusThird Party Advisory;VDB Entry
-
http://www.securitytracker.com/id/1036544
VMware ESXi Server Header Injection Flaw Lets Remote Users Conduct Cross-Site Scripting and Redirect Attacks and DLL Loading Error Lets Remote Users Execute Arbitrary Code on the Target System - SecurThird Party Advisory;VDB Entry
-
http://www.securitytracker.com/id/1036619
VMware vRealize Log Insight Lets Remote Users Traverse the Directory to View Files on the Target System - SecurityTrackerThird Party Advisory;VDB Entry
Jump to