CVE-2016-6137 | Vulnerability Database | Aqua Security

NVD

https://nvd.nist.gov/vuln/detail/CVE-2016-6137

CWE

https://cwe.mitre.org/data/definitions/.html

An unspecified function in SAP TREX 7.10 Revision 63 allows remote attackers to execute arbitrary OS commands via unknown vectors, aka SAP Security Note 2203591.

Affected Software

Name	Vendor	Start Version	End Version
Trex	Sap	7.10-revision_63 (including)	7.10-revision_63 (including)

References

http://onapsis.com/research/security-advisories/sap-trex-remote-command-execution
http://packetstormsecurity.com/files/138436/SAP-TREX-7.10-Revision-63-Remote-Command-Execution.html
http://seclists.org/fulldisclosure/2016/Aug/113
http://seclists.org/fulldisclosure/2016/Aug/85
http://onapsis.com/research/security-advisories/sap-trex-remote-command-execution
http://packetstormsecurity.com/files/138436/SAP-TREX-7.10-Revision-63-Remote-Command-Execution.html
http://seclists.org/fulldisclosure/2016/Aug/113
http://seclists.org/fulldisclosure/2016/Aug/85