EMC NetWorker 8.2.1.x < / 9.0.x < RCE

Critical Nessus Plugin ID 91813


The remote Windows host has an application installed that is affected by a remote code execution vulnerability.


The version of EMC NetWorker installed on the remote Windows host is 8.2.1.x prior to or 9.0.x prior to It is, therefore, affected by a remote code execution vulnerability due to improper handling of authentication. An unauthenticated, remote attacker can exploit this to execute arbitrary commands by leveraging access to a different NetWorker instance.


Upgrade to EMC NetWorker / / or later.

See Also


Plugin Details

Severity: Critical

ID: 91813

File Name: emc_networker_esa_2016_072.nasl

Version: $Revision: 1.4 $

Type: local

Agent: windows

Family: Windows

Published: 2016/06/24

Modified: 2017/10/26

Dependencies: 62945

Risk Information

Risk Factor: Critical


Base Score: 10

Temporal Score: 7.4

Vector: CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C

Temporal Vector: CVSS2#E:U/RL:OF/RC:C

Vulnerability Information

CPE: cpe:/a:emc:networker

Required KB Items: installed_sw/EMC NetWorker

Exploit Available: false

Exploit Ease: No known exploits are available

Patch Publication Date: 2016/06/08

Vulnerability Publication Date: 2016/06/08

Reference Information

CVE: CVE-2016-0916

BID: 91125

OSVDB: 139596