CVE-2016-4437

CVE Database · CVE-2016-4437

CVE-2016-4437

· CRITICALAnalyzed

CVSS v3.1

9.8

EPSS

93.14%

Published

Jun 7, 2016

Modified

Apr 22, 2026

CISA Known Exploited Vulnerability

Added: 2021-11-03 · Due: 2022-05-03

Apply updates per vendor instructions.

Public PoC / Exploit (9)

All weaponized →

Exploit-DBApache Shiro 1.2.4 - Cookie RememberME Deserial RCE (Metasploit)NucleiNuclei detection template TrickestTrickest PoC index GitHub PoCbkfish/Awesome_shiro★55 GitHub PoC4nth0ny1130/shisoserial★24 GitHub PoCpizza-power/CVE-2016-4437★2 GitHub PoC35789-gh/cve-2016-4437★1 GitHub PoCm3terpreter/CVE-2016-4437★0 GitHub PoCxk-mt/CVE-2016-4437★0

Links to public security research (Exploit-DB, Nuclei, Trickest, GitHub) for defensive use only.

Description

Apache Shiro before 1.2.5, when a cipher key has not been configured for the "remember me" feature, allows remote attackers to execute arbitrary code or bypass intended access restrictions via an unspecified request parameter.

CVSS Vector

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

Weaknesses (CWE)

CWE-321

Affected Products (4)

apache · aurora (up to 0.18.1)vulnerable

apache · shiro (up to 1.2.5)vulnerable

redhat · fusevulnerable

redhat · jboss_middleware_text-only_advisoriesvulnerable

References (15)

http://packetstormsecurity.com/files/137310/Apache-Shiro-1.2.4-Information-Disclosure.html

Third Party AdvisoryVDB Entry

http://packetstormsecurity.com/files/157497/Apache-Shiro-1.2.4-Remote-Code-Execution.html

ExploitThird Party AdvisoryVDB Entry

http://rhn.redhat.com/errata/RHSA-2016-2035.html

Third Party Advisory

http://rhn.redhat.com/errata/RHSA-2016-2036.html

Third Party Advisory

http://www.securityfocus.com/archive/1/538570/100/0/threaded

Broken LinkThird Party AdvisoryVDB Entry

KEV Catalog EPSS Scores Vendors All CVEs