CVE-2016-6267

EUVD-2016-7197
SnmpUtils in Trend Micro Smart Protection Server 2.5 before build 2200, 2.6 before build 2106, and 3.0 before build 1330 allows remote authenticated users to execute arbitrary commands via shell metacharacters in the (1) spare_Community, (2) spare_AllowGroupIP, or (3) spare_AllowGroupNetmask parameter to admin_notification.php.
ProviderTypeBase ScoreAtk. VectorAtk. ComplexityPriv. RequiredVector
NISTPrimary
8.8 HIGH
NETWORK
LOW
LOW
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
Base Score
CVSS 3.x
EPSS Score
Percentile: 98%
Affected Products (NVD)
VendorProductVersion
trendmicrosmart_protection_server
2.5
trendmicrosmart_protection_server
2.6
trendmicrosmart_protection_server
3.0
𝑥
= Vulnerable software versions
Common Weakness Enumeration
References
https://qkaiser.github.io/pentesting/trendmicro/2016/08/08/trendmicro-sps/
https://success.trendmicro.com/solution/1114913
https://qkaiser.github.io/pentesting/trendmicro/2016/08/08/trendmicro-sps/
https://success.trendmicro.com/solution/1114913