CVE-2016-6137

2016-09-2715:00:00

mitre

www.cve.org

AI Score

9.9

Confidence

High

EPSS

0.008

Percentile

81.4%

JSON

An unspecified function in SAP TREX 7.10 Revision 63 allows remote attackers to execute arbitrary OS commands via unknown vectors, aka SAP Security Note 2203591.

References

onapsis.com/research/security-advisories/sap-trex-remote-command-execution

packetstormsecurity.com/files/138436/SAP-TREX-7.10-Revision-63-Remote-Command-Execution.html

seclists.org/fulldisclosure/2016/Aug/113

seclists.org/fulldisclosure/2016/Aug/85