Vulnerabilities > SAP > Trex > Critical

DATE CVE VULNERABILITY TITLE RISK
2016-09-27 CVE-2016-6137 Remote Command Execution vulnerability in SAP Trex 7.10
An unspecified function in SAP TREX 7.10 Revision 63 allows remote attackers to execute arbitrary OS commands via unknown vectors, aka SAP Security Note 2203591.
network
low complexity
sap
critical
10.0
2016-08-05 CVE-2016-6138 Path Traversal vulnerability in SAP Trex 7.10
Directory traversal vulnerability in SAP TREX 7.10 Revision 63 allows remote attackers to read arbitrary files via unspecified vectors, aka SAP Security Note 2203591.
network
low complexity
sap CWE-22
critical
10.0
2016-08-05 CVE-2016-6147 OS Command Injection vulnerability in SAP Trex 7.10
An unspecified interface in SAP TREX 7.10 Revision 63 allows remote attackers to execute arbitrary OS commands with SIDadm privileges via unspecified vectors, aka SAP Security Note 2234226.
network
low complexity
sap CWE-78
critical
10.0