PatchSiren

CVE-2016-10043 Mrf CVE debrief

CVE-2016-10043 is a critical OS command injection flaw in Radisys MRF Web Panel (SWMS) 9.0.1. The MSM_MACRO_NAME POST parameter in /swms/ms.cgi can be abused with the pipe character to inject OS commands and return command output in application responses, enabling unauthorized command execution under the application's account.

Vendor: Mrf
Product: CVE-2016-10043
CVSS: CRITICAL 10
CISA KEV: Not listed in stored evidence
Original CVE published: 2017-01-31
Original CVE updated: 2026-05-13
Advisory published: 2017-01-31
Advisory updated: 2026-05-13

Who should care

Operators and defenders responsible for Radisys MRF Web Panel (SWMS) 9.0.1, especially internet-exposed deployments, web application owners, and teams that monitor CGI or shell-execution pathways.

Technical summary

NVD describes a CWE-78 OS command injection in /swms/ms.cgi, where the MSM_MACRO_NAME POST parameter accepts attacker-controlled input that can be extended with a pipe character to execute arbitrary operating-system commands. The vulnerable CPE is cpe:2.3:a:mrf:web_panel:9.0.1, and the CVSS v3.0 vector is AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H. The supplied description also notes that malicious activity may appear to originate from the application or its owner account.

Defensive priority

Immediate. This is a network-reachable, no-authentication, high-impact command-injection issue with a CVSS 10.0 rating.

Recommended defensive actions

  • Identify every deployment of SWMS 9.0.1 and isolate it until remediation is verified.
  • Block or restrict access to /swms/ms.cgi at network and application controls where feasible.
  • Apply the relevant vendor fix or migrate away from the vulnerable release if a fixed version is available.
  • Review logs and host telemetry for signs of unexpected shell command execution or abnormal CGI activity.
  • Verify that the application does not execute attacker-controlled input through the operating system and remove any unsafe command construction.
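
For the log-review step above, one way to triage captured requests is shown below. This is an added example, not code from the vendor or from NVD. It assumes a reverse proxy or WAF that logs request bodies as JSON lines with the hypothetical fields ts, src, method, url and body, and it assumes legitimate macro names are short identifiers; the sample records are constructed.

```python
import json
import re
from urllib.parse import parse_qs, urlsplit

TARGET_PATH = "/swms/ms.cgi"   # endpoint named in the advisory
PARAM = "MSM_MACRO_NAME"       # parameter named in the advisory
# Assumption: real macro names are short identifiers; tune this per deployment.
SAFE_NAME = re.compile(r"[A-Za-z0-9_.-]{1,64}")


def suspicious_values(body):
    """Return URL-decoded MSM_MACRO_NAME values that fail the allowlist."""
    fields = parse_qs(body, keep_blank_values=True)
    return [v for v in fields.get(PARAM, []) if not SAFE_NAME.fullmatch(v)]


def scan(log_lines):
    """Return (ts, src, value) for every flagged POST to /swms/ms.cgi."""
    findings = []
    for line in log_lines:
        try:
            rec = json.loads(line)
        except json.JSONDecodeError:
            continue  # skip damaged or non-JSON lines
        if not isinstance(rec, dict):
            continue
        if str(rec.get("method") or "").upper() != "POST":
            continue
        if urlsplit(str(rec.get("url") or "")).path != TARGET_PATH:
            continue
        for value in suspicious_values(str(rec.get("body") or "")):
            findings.append((rec.get("ts"), rec.get("src"), value))
    return findings


# Constructed sample records (documentation IP ranges, placeholder command text).
SAMPLE_LOG = [
    '{"ts": "2017-02-01T10:00:00Z", "src": "192.0.2.10", "method": "POST", '
    '"url": "/swms/ms.cgi", "body": "MSM_MACRO_NAME=daily_report&x=1"}',
    '{"ts": "2017-02-01T10:05:00Z", "src": "198.51.100.7", "method": "POST", '
    '"url": "/swms/ms.cgi", "body": "MSM_MACRO_NAME=daily_report%7Cexample-command"}',
    '{"ts": "2017-02-01T10:06:00Z", "src": "198.51.100.7", "method": "GET", '
    '"url": "/swms/index.html", "body": ""}',
    "not json",
]

if __name__ == "__main__":
    for ts, src, value in scan(SAMPLE_LOG):
        print(f"{ts} {src} suspicious {PARAM}={value!r}")
```

The check is an allowlist, so an encoded pipe (%7C) is flagged after decoding along with any other character outside the expected identifier set.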

Evidence notes

The supplied NVD record lists the vulnerability as published on 2017-01-31 and last modified on 2026-05-13. It ties the issue to SWMS 9.0.1, CWE-78, and CVSS v3.0 AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H. A third-party Exploit-DB reference is present in the source corpus, but this debrief does not rely on exploit details.

Official resources

Publicly disclosed in NVD on 2017-01-31 and last modified there on 2026-05-13. No KEV listing is present in the supplied enrichment.