CVE-2018-6222

HIGH

Trend Micro Email Encryption Gateway 5.5 - OS Command Injection via Log File Location Manipulation

Title source: llm
STIX 2.1

Exploitation Summary

EIP tracks 1 public exploit for CVE-2018-6222. PoCs published by Core Security.

AI-analyzed exploit summary This exploit demonstrates a man-in-the-middle attack against Trend Micro Email Encryption Gateway's insecure update mechanism, allowing arbitrary file writes and root command execution via a malicious RPM file or cron job injection.

Description

Arbitrary logs location in Trend Micro Email Encryption Gateway 5.5 could allow an attacker to change location of log files and be manipulated to execute arbitrary commands and attain command execution on a vulnerable system.

Exploits (1)

exploitdb WORKING POC VERIFIED
by Core Security · textwebappsjsp
https://www.exploit-db.com/exploits/44166

This exploit demonstrates a man-in-the-middle attack against Trend Micro Email Encryption Gateway's insecure update mechanism, allowing arbitrary file writes and root command execution via a malicious RPM file or cron job injection.

Classification
Working Poc 95%
Attack Type
Rce
Complexity
Moderate
Reliability
Reliable
Target: Trend Micro Email Encryption Gateway 5.5 (Build 1111.00)
No auth needed
Prerequisites: Man-in-the-middle position · Victim system initiating an update check
devstral-2 · analyzed Feb 16, 2026 Full analysis →

References (3)

Core 3
Core References
Exploit, Third Party Advisory, VDB Entry exploit x_refsource_exploit-db
https://www.exploit-db.com/exploits/44166/
Patch, Vendor Advisory x_refsource_confirm
https://success.trendmicro.com/solution/1119349
Exploit, Technical Description, Third Party Advisory x_refsource_misc
https://www.coresecurity.com/advisories/trend-micro-email-encryption-gateway-multiple-vulnerabilities

Scores

CVSS v3 7.8
EPSS 0.0132
EPSS Percentile 67.1%
Attack Vector LOCAL
CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

Details

CWE
CWE-78
Status published
Products (1)
trendmicro/email_encryption_gateway 5.5
Published Mar 15, 2018
Tracked Since Feb 18, 2026