HTTP: Trend Micro Smart Protection Server admin_notification.php Command Injection
This signature detects attempts to exploit a known vulnerability in the admin_notification.php script of Trend Micro Smart Protection Server. Successful exploitation could lead to arbitrary code execution under the security context of the webserv process.
Extended Description
SnmpUtils in Trend Micro Smart Protection Server 2.5 before build 2200, 2.6 before build 2106, and 3.0 before build 1330 allows remote authenticated users to execute arbitrary commands via shell metacharacters in the (1) spare_Community, (2) spare_AllowGroupIP, or (3) spare_AllowGroupNetmask parameter to admin_notification.php.
Affected Products
Trendmicro smart_protection_server
Short Name
HTTP:TM-SPS-CI
Severity
Major
Recommended
False
Recommended Action
Drop
Category
HTTP
Keywords
CVE-2016-6267 Command Injection Micro Protection Server Smart Trend admin_notification.php
Release Date
11/25/2016
Supported Platforms
srx-branch-12.3
srx-19.3
srx-branch-19.3
vsrx3bsd-19.2
srx-branch-19.4
vsrx-19.4
mx-12.3
mx-19.4
vmx-19.4
mx-19.3
vsrx3bsd-19.4
srx-19.4
vsrx-12.3
vmx-19.3
vsrx-19.2
srx-12.3
Sigpack Version
3646
False Positive
Unknown
Vendors
Trendmicro
CVSS Score
6.5