CVE-2016-6267

high

Published 2017-01-30 · Modified 2026-05-13

CVSS v3

8.8

CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

CVSS v2

6.5

VIR risk

8.8

Description

SnmpUtils in Trend Micro Smart Protection Server 2.5 before build 2200, 2.6 before build 2106, and 3.0 before build 1330 allows remote authenticated users to execute arbitrary commands via shell metacharacters in the (1) spare_Community, (2) spare_AllowGroupIP, or (3) spare_AllowGroupNetmask parameter to admin_notification.php.

Predictions

Exploit likelihood

92%

Patch ETA

—

Heuristic predictions, AS-IS, for prioritization only.

Mitigations

vendor Authored 2026-05-27

Vendor advisory: cve@mitre.org — https://success.trendmicro.com/solution/1114913

Application impact

Vendor	Product	Versions
trendmicro	smart_protection_server	`2.5`
trendmicro	smart_protection_server	`2.6`
trendmicro	smart_protection_server	`3.0`

References

https://qkaiser.github.io/pentesting/trendmicro/2016/08/08/trendmicro-sps/
https://success.trendmicro.com/solution/1114913
https://qkaiser.github.io/pentesting/trendmicro/2016/08/08/trendmicro-sps/
https://success.trendmicro.com/solution/1114913

CWEs

CWE-20

Verify integrity in audit chain (admin only). AS-IS.