Arbitrary Code Execution Vulnerability in Trend Micro Smart Protection Server

Arbitrary Code Execution Vulnerability in Trend Micro Smart Protection Server

CVE-2016-6268 · HIGH Severity

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

Trend Micro Smart Protection Server 2.5 before build 2200, 2.6 before build 2106, and 3.0 before build 1330 allows local webserv users to execute arbitrary code with root privileges via a Trojan horse .war file in the Solr webapps directory.

Learn more about our Web App Pen Testing.