Critical severity9.8NVD Advisory· Published Aug 5, 2016· Updated May 6, 2026

CVE-2016-6147

Description

An unspecified interface in SAP TREX 7.10 Revision 63 allows remote attackers to execute arbitrary OS commands with SIDadm privileges via unspecified vectors, aka SAP Security Note 2234226.

Patches

No patches discovered yet.

Vulnerability mechanics

AI mechanics synthesis has not run for this CVE yet.

References

www.securityfocus.com/bid/92066nvdThird Party AdvisoryVDB Entry
www.onapsis.com/blog/analyzing-sap-security-notes-february-2016nvdThird Party Advisory
www.onapsis.com/research/security-advisories/sap-trex-remote-command-execution-0nvdPermissions Required
packetstormsecurity.com/files/138446/SAP-TREX-7.10-Revision-63-Remote-Command-Execution.htmlnvd
seclists.org/fulldisclosure/2016/Aug/94nvd

News mentions

No linked articles in our index yet.

cvss	0.637
epss	0.008
exploit	0.000
kev	0.000
patch	0.000
ransomware	0.000