Security for everyone

CVE-2016-4437 Scanner

Detects the 'Remote Code Execution (RCE)' vulnerability in Apache Shiro that affects versions before 1.2.5.


Short Info

Level: High
Single Scan
Can be used by: Asset Owner
Estimated Time: 10 sec
Scan only one: Domain, IPv4
Toolbox: -

Apache Shiro is an open-source Java security framework that provides powerful authentication, authorization, and cryptography capabilities for web applications and other software systems. It allows developers to easily integrate essential security features into their projects, ensuring that they can protect sensitive data and resources from unauthorized access, manipulation, and theft.

CVE-2016-4437 is a critical vulnerability that was discovered in Apache Shiro before version 1.2.5. This vulnerability was caused by a flaw in the "remember me" feature of the framework, which could be exploited by remote attackers to execute arbitrary code or bypass intended access restrictions by sending a specially crafted request parameter.

When exploited, this vulnerability can give cybercriminals unauthorized access to sensitive data, such as login credentials, personal information, and financial records. This can lead to serious consequences, including identity theft, fraud, financial loss, and reputational damage. Moreover, the exploited vulnerability can provide a backdoor for attackers to conduct further attacks, such as phishing, malware deployment, and DDoS attacks.

Thanks to the pro features of the securityforeveryone.com platform, you can easily and quickly learn about vulnerabilities in your digital assets. Our platform provides real-time information about the latest vulnerabilities, exploits, and attack vectors, as well as actionable insights and recommendations for remediation. With securityforeveryone.com, you can stay ahead of the curve and protect your assets from cyber threats.

 
