Back to CVE Browser

CVE-2016-7089

HIGH

7.8

CVSS Severity Score

EPSS Score0.1380%

EPSS Percentile11.70th

PublishedAug 24, 2016

Last ModifiedMay 6, 2026

Vulnerability Description

WatchGuard RapidStream appliances allow local users to gain privileges and execute arbitrary commands via a crafted ifconfig command, aka ESCALATEPLOWMAN.

Affected Platforms (CPE)

📦

Watchguard

Rapidstream

All versions

References & Advisories

🔗 http://packetstormsecurity.com/files/138393/ESCALATEPLOWMAN-WatchGuard-Privilege-Escalation.html

🔗 http://www.securityfocus.com/bid/92638

🔗 https://www.exploit-db.com/exploits/40270/

🔗 https://www.secplicity.org/2016/08/16/nsa-equation-group-exploit-leak-mean/

🔗 http://packetstormsecurity.com/files/138393/ESCALATEPLOWMAN-WatchGuard-Privilege-Escalation.html

🔗 http://www.securityfocus.com/bid/92638

🔗 https://www.exploit-db.com/exploits/40270/

🔗 https://www.secplicity.org/2016/08/16/nsa-equation-group-exploit-leak-mean/

Related Vulnerabilities

CVE-2000-078410.0

sshd program in the Rapidstream 2.1 Beta VPN appliance has a hard-coded "rsadmin" account with a null password, which allows remot...

CVE-2016-198510.0

HPE Operations Manager 8.x and 9.0 on Windows allows remote attackers to execute arbitrary commands via a crafted serialized Java ...

CVE-2016-193110.0

Multiple unspecified vulnerabilities in the browser engine in Mozilla Firefox before 44.0 allow remote attackers to cause a denial...

CVE-2016-802710.0

SQL injection vulnerability in core services in Intel Security McAfee ePolicy Orchestrator (ePO) 5.3.2 and earlier and 5.1.3 and e...