Vulnerability Details : CVE-2007-6507
Public exploit exists!
SpntSvc.exe daemon in Trend Micro ServerProtect 5.58 for Windows, before Security Patch 4, exposes unspecified dangerous sub-functions from StRpcSrv.dll in the DCE/RPC interface, which allows remote attackers to obtain "full file system access" and execute arbitrary code.
Vulnerability category: Execute code
Products affected by CVE-2007-6507
- cpe:2.3:a:trend_micro:serverprotect:5.58_security_patch_3:*:windows:*:*:*:*:*
Exploit prediction scoring system (EPSS) score for CVE-2007-6507
95.98%
Probability of exploitation activity in the next 30 days
EPSS Score History
~ 100 %
Percentile, the proportion of vulnerabilities that are scored at or less
Metasploit modules for CVE-2007-6507
-
TrendMicro ServerProtect File Access
First seen: 2020-04-26auxiliary/admin/serverprotect/fileThis modules exploits a remote file access flaw in the ServerProtect Windows Server RPC service. Please see the action list (or the help output) for more information. Authors: - toto
CVSS scores for CVE-2007-6507
Base Score | Base Severity | CVSS Vector | Exploitability Score | Impact Score | Score Source | First Seen |
---|---|---|---|---|---|---|
10.0
|
HIGH | AV:N/AC:L/Au:N/C:C/I:C/A:C |
10.0
|
10.0
|
NIST |
CWE ids for CVE-2007-6507
-
Assigned by: nvd@nist.gov (Primary)
References for CVE-2007-6507
Jump to