vulnerability
SolarWinds DameWare Mini Remote Control: Improper Restriction of Operations within the Bounds of a Memory Buffer (CVE-2016-2345)
| Severity | CVSS | Published | Added | Modified |
|---|---|---|---|---|
| 10 | (AV:N/AC:L/Au:N/C:C/I:C/A:C) | Mar 17, 2016 | Mar 4, 2021 | Apr 7, 2026 |
Severity
10
CVSS
(AV:N/AC:L/Au:N/C:C/I:C/A:C)
Published
Mar 17, 2016
Added
Mar 4, 2021
Modified
Apr 7, 2026
Description
Stack-based buffer overflow in dwrcs.exe in the dwmrcs daemon in SolarWinds DameWare Mini Remote Control 12.0 allows remote attackers to execute arbitrary code via a crafted string.
Solution
solarwinds-dameware-mini-remote-control-upgrade-latest
References
- CVE-2016-2345
- https://attackerkb.com/topics/CVE-2016-2345
- CWE-119
- EUVD-EUVD-2016-3429
- http://packetstormsecurity.com/files/136293/Solarwinds-Dameware-Mini-Remote-Code-Execution.html
- http://www.kb.cert.org/vuls/id/897144
- http://www.securityfocus.com/archive/1/537823/100/0/threaded
- https://euvd.enisa.europa.eu/vulnerability/EUVD-2016-3429
- https://www.securifera.com/advisories/CVE-2016-2345
Rapid7 Labs
2026 Global Threat Landscape Report
The predictive window has collapsed. Exploitation follows disclosure in days. See how attackers are accelerating and how to stay ahead.