5 matches found
CVE-2016-6267
creationtimestamp| type| source ---|---|--- 2018-05-29 15:50:33+00:00| seen| https://github.com/rapid7/metasploit-framework/blob/master/modules/exploits/linux/http/trendmicrospsexec.rb 2025-02-06 03:13:42+00:00| seen| MISP/a1e796df-2ad8-4c8d-8b69-737a004e72dd 2025-02-23 04:09:49+00:00| seen|...
CVE-2016-6267
CVE-2016-6267 affects Trend Micro Smart Protection Server (SnmpUtils) prior to specific builds: 2.5 before 2200, 2.6 before 2106, and 3.0 before 1330. The vulnerability allows remote authenticated users to execute arbitrary commands via shell metacharacters in admin_notification.php parameters (s...
Trend Micro Smart Protection Server Exec Remote Code Injection
This module requires Metasploit: http://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework require 'msf/core' require 'openssl' require 'base64' class MetasploitModule "Trend Micro Smart Protection Server Exec Remote Code Injection", 'Description' = %q This...
Trend Micro Smart Protection Server admin_notification.php Command Injection (CVE-2016-6267)
A remote code execution vulnerability exists in the adminnotification.php script of Trend Micro Smart Protection Server. The vulnerability is due to insufficient validation of user-supplied input. A remote, authenticated attacker could exploit this vulnerability by providing crafted input to the...
Trend Micro Smart Protection Server Exec Remote Code Injection
This module exploits a vulnerability found in TrendMicro Smart Protection Server where untrusted inputs are fed to ServWebExec system command, leading to command injection. Please note: authentication is required to exploit this vulnerability. This module requires Metasploit:...