CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

13 matches found

NVD•added 2017/07/25 6:29 p.m.•25 views

CVE-2017-11459

SAP TREX 7.10 allows remote attackers to 1 read arbitrary files via an fget command or 2 write to arbitrary files and consequently execute arbitrary code via an fdir command, aka SAP Security Note 2419592...

9.8CVSS9.8AI score0.01985EPSS

Exploits0References1

Prion•added 2017/07/25 6:29 p.m.•17 views

Command injection

7.5CVSS9.8AI score0.01985EPSS

Exploits0References1Affected Software1

CVE•added 2017/07/25 6:0 p.m.•47 views

CVE-2017-11459

CVE-2017-11459 affects SAP TREX 7.10. The vulnerability allows remote attackers to read arbitrary files via the fget command and to write arbitrary files to potentially execute arbitrary code via the fdir command, per SAP Security Note 2419592. Root cause labeled as Missing Authentication for Cri...

9.8CVSS9.8AI score0.01985EPSS

Exploits0References1Affected Software1

Cvelist•added 2017/07/25 6:0 p.m.•30 views

CVE-2017-11459

9.8AI score0.01985EPSS

Exploits0References1

NVD•added 2016/09/27 3:59 p.m.•12 views

CVE-2016-6137

An unspecified function in SAP TREX 7.10 Revision 63 allows remote attackers to execute arbitrary OS commands via unknown vectors, aka SAP Security Note 2203591...

10CVSS9.8AI score0.04037EPSS

Exploits0References4

Cvelist•added 2016/09/27 3:0 p.m.•15 views

CVE-2016-6137

An unspecified function in SAP TREX 7.10 Revision 63 allows remote attackers to execute arbitrary OS commands via unknown vectors, aka SAP Security Note 2203591...

9.9AI score0.04037EPSS

Exploits0References4

CNVD•added 2016/09/03 12:0 a.m.•0 views

SAP TREX Remote Command Execution Vulnerability

SAP TREX is a search engine from SAP for the SAP NetWeaver integrated technology platform. A remote command execution vulnerability exists in version 7.10 of SAP TREX that could be exploited by an attacker to execute arbitrary code in the context of an affected application...

10CVSS7.8AI score0.04037EPSS

Exploits0References1

NVD•added 2016/08/05 2:59 p.m.•18 views

CVE-2016-6140

SAP TREX 7.10 Revision 63 allows remote attackers to write to arbitrary files via vectors related to RFC-Gateway, aka SAP Security Note 2203591...

9.8CVSS9.3AI score0.09791EPSS

Exploits0References5

Prion•added 2016/08/05 2:59 p.m.•13 views

Design/Logic Flaw

SAP TREX 7.10 Revision 63 allows remote attackers to write to arbitrary files via vectors related to RFC-Gateway, aka SAP Security Note 2203591...

7.6CVSS7.4AI score0.09791EPSS

Exploits0References5Affected Software1

Prion•added 2016/08/05 2:59 p.m.•15 views

Design/Logic Flaw

An unspecified interface in SAP TREX 7.10 Revision 63 allows remote attackers to execute arbitrary OS commands with SIDadm privileges via unspecified vectors, aka SAP Security Note 2234226...

10CVSS8.2AI score0.10552EPSS

Exploits0References5Affected Software1

Prion•added 2016/08/05 2:59 p.m.•15 views

Design/Logic Flaw

SAP TREX 7.10 Revision 63 allows remote attackers to read arbitrary files via unspecified vectors, aka SAP Security Note 2203591...

7.6CVSS7.3AI score0.05046EPSS

Exploits0References6Affected Software1

Prion•added 2016/08/05 2:59 p.m.•11 views

Directory traversal

Directory traversal vulnerability in SAP TREX 7.10 Revision 63 allows remote attackers to read arbitrary files via unspecified vectors, aka SAP Security Note 2203591...

10CVSS7.2AI score0.1569EPSS

Exploits0References8Affected Software1

Cvelist•added 2016/08/05 2:0 p.m.•19 views

CVE-2016-6139

SAP TREX 7.10 Revision 63 allows remote attackers to read arbitrary files via unspecified vectors, aka SAP Security Note 2203591...

9.4AI score0.05046EPSS

Exploits0References6

Rows per page

Query Builder

Family

Bulletin Type

Min CVSS Score

Date

Order by