High severity8.8NVD Advisory· Published Jan 30, 2017· Updated Jun 17, 2026
CVE-2016-6270
CVE-2016-6270
Description
The handle_certificate function in /vmi/manager/engine/management/commands/apns_worker.py in Trend Micro Virtual Mobile Infrastructure before 5.1 allows remote authenticated users to execute arbitrary commands via shell metacharacters in the password to api/v1/cfg/oauth/save_identify_pfx/.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected products
2cpe:2.3:a:trendmicro:virtual_mobile_infrastructure:5.0:*:*:*:*:*:*:*+ 1 more
- cpe:2.3:a:trendmicro:virtual_mobile_infrastructure:5.0:*:*:*:*:*:*:*
- (no CPE)range: <5.1
Patches
Vulnerability mechanics
References
3- qkaiser.github.io/pentesting/trendmicro/2016/10/08/trendmicro-vmi/nvdExploitTechnical DescriptionThird Party Advisory
- www.securityfocus.com/bid/95884nvdThird Party AdvisoryVDB Entry
- success.trendmicro.com/solution/1115411nvdVendor Advisory
News mentions
0No linked articles in our index yet.