Vulnerabilities > SAP > Trex > High

DATE CVE VULNERABILITY TITLE RISK
2017-07-25 CVE-2017-11459 Code Injection vulnerability in SAP Trex 7.10
SAP TREX 7.10 allows remote attackers to (1) read arbitrary files via an fget command or (2) write to arbitrary files and consequently execute arbitrary code via an fdir command, aka SAP Security Note 2419592.
network
low complexity
sap CWE-94
7.5
7.5
2017-04-11 CVE-2017-7691 Code Injection vulnerability in SAP Trex
A code injection vulnerability exists in SAP TREX / Business Warehouse Accelerator (BWA).
network
low complexity
sap CWE-94
7.5
7.5
2016-08-05 CVE-2016-6140 Improper Access Control vulnerability in SAP Trex 7.10
SAP TREX 7.10 Revision 63 allows remote attackers to write to arbitrary files via vectors related to RFC-Gateway, aka SAP Security Note 2203591.
network
high complexity
sap CWE-284
7.6
7.6
2016-08-05 CVE-2016-6139 Arbitrary File Read vulnerability in SAP Trex 7.10
SAP TREX 7.10 Revision 63 allows remote attackers to read arbitrary files via unspecified vectors, aka SAP Security Note 2203591.
network
high complexity
sap
7.6
7.6