Lucene search
K

5 matches found

Circl
Circl
added 2018/05/29 3:50 p.m.13 views

CVE-2016-6267

creationtimestamp| type| source ---|---|--- 2018-05-29 15:50:33+00:00| seen| https://github.com/rapid7/metasploit-framework/blob/master/modules/exploits/linux/http/trendmicrospsexec.rb 2025-02-06 03:13:42+00:00| seen| MISP/a1e796df-2ad8-4c8d-8b69-737a004e72dd 2025-02-23 04:09:49+00:00| seen|...

8.8CVSS8.7AI score0.54872EPSS
Exploits4References1
CVE
CVE
added 2017/01/30 10:0 p.m.57 views

CVE-2016-6267

CVE-2016-6267 affects Trend Micro Smart Protection Server (SnmpUtils) prior to specific builds: 2.5 before 2200, 2.6 before 2106, and 3.0 before 1330. The vulnerability allows remote authenticated users to execute arbitrary commands via shell metacharacters in admin_notification.php parameters (s...

8.8CVSS8.7AI score0.54872EPSS
Exploits4References2Affected Software1
Packet Storm
Packet Storm
added 2016/11/15 12:0 a.m.56 views

Trend Micro Smart Protection Server Exec Remote Code Injection

This module requires Metasploit: http://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework require 'msf/core' require 'openssl' require 'base64' class MetasploitModule "Trend Micro Smart Protection Server Exec Remote Code Injection", 'Description' = %q This...

0.1AI score0.54872EPSS
Exploits4
Check Point Advisories
Check Point Advisories
added 2016/11/14 12:0 a.m.11 views

Trend Micro Smart Protection Server admin_notification.php Command Injection (CVE-2016-6267)

A remote code execution vulnerability exists in the adminnotification.php script of Trend Micro Smart Protection Server. The vulnerability is due to insufficient validation of user-supplied input. A remote, authenticated attacker could exploit this vulnerability by providing crafted input to the...

6.5CVSS8.9AI score0.54872EPSS
Exploits4
Metasploit
Metasploit
added 2016/08/08 6:47 p.m.40 views

Trend Micro Smart Protection Server Exec Remote Code Injection

This module exploits a vulnerability found in TrendMicro Smart Protection Server where untrusted inputs are fed to ServWebExec system command, leading to command injection. Please note: authentication is required to exploit this vulnerability. This module requires Metasploit:...

8.8CVSS10AI score0.54872EPSS
Exploits4
Rows per page
Query Builder