CVE-2016-6366

CVSS 8.8 HIGH · EPSS 87.5% · KEV · CWE-120
In short

A buffer overflow vulnerability in Cisco ASA firewall devices allows authenticated users to send specially crafted network packets that can crash the device or execute malicious code. This is critical because firewalls protect entire networks, and compromising them gives attackers control over network traffic.

Technical detail

Remote authenticated attackers can trigger a buffer overflow in Cisco ASA SNMP processing by sending crafted IPv4 SNMP packets to affected devices (ASA 5500/5500-X, Services Module, 1000V, ASAv, Firepower 9300 ASA, PIX, FWSM running software through 9.4.2.3). Successful exploitation leads to arbitrary code execution with device privileges, requiring valid credentials for initial access.

Summary generated and translated by AI from the official description.
Buffer overflow in Cisco Adaptive Security Appliance (ASA) Software through 9.4.2.3 on ASA 5500, ASA 5500-X, ASA Services Module, ASA 1000V, ASAv, Firepower 9300 ASA Security Module, PIX, and FWSM devices allows remote authenticated users to execute arbitrary code via crafted IPv4 SNMP packets, aka Bug ID CSCva92151 or EXTRABACON.
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
Affected products
n/a · n/a
⚠ Public resources, to assess the exposure of systems you control or are authorized to test. Test only with authorization.
