CVE-2017-11459

SAP TREX 7.10 allows remote attackers to (1) read arbitrary files via an fget command or (2) write to arbitrary files and consequently execute arbitrary code via an fdir command, aka SAP Security Note 2419592.
Configurations

Configuration 1 (hide)

cpe:2.3:a:sap:trex:7.10:*:*:*:*:*:*:*

History

21 Nov 2024, 03:07

Type Values Removed Values Added
References () https://erpscan.io/advisories/erpscan-17-019-sap-trex-rce/ - () https://erpscan.io/advisories/erpscan-17-019-sap-trex-rce/ -

Information

Published : 2017-07-25 18:29

Updated : 2024-11-21 03:07


NVD link : CVE-2017-11459

Mitre link : CVE-2017-11459

CVE.ORG link : CVE-2017-11459


JSON object : View

Products Affected

sap

  • trex
CWE
CWE-94

Improper Control of Generation of Code ('Code Injection')